Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Cb Defense: Troubleshooting Performance and Interop Issues with the Sensor

Cb Defense: Troubleshooting Performance and Interop Issues with the Sensor


Cb Defense (formerly Confer) - All


This document provides information on how to troubleshoot to performance and Interop Issues with the Sensor for Windows and MAC


If a sensor is installed on a machine and any variety of issues is present, do not uninstall the sensor. Removal of the Sensor de-registers the device and log files are no longer accessible. A performance or interoperability issue may be that a program seems to be taking a long time to open or a program or operation is being delayed or blocked. The best approach when troubleshooting any issues that are directly or indirectly related with the sensor is to enable bypass. Bypass or passive mode or Passthru are synonyms that are used in various places. When a Sensor is in bypass, it runs in the background but does not collect any information or perform any operations.

If an issue occurs where an installation is being blocked, a program seems to be launching or running slowly, or a program does not seem to be behaving properly, the workflow to troubleshoot is:

  1. Log what the user was doing and what time the event occurred. Collect all relevant information about that point in time (i.e. Machine Hostname, software, date and time, etc)
  2. Put the sensor into bypass so the user may continue using the system without any further issues.
  3. Notify Technical Support via a case.
  4. Technical Support will request and collect the log files from the UI for investigation.
  5. Other information may be required during the investigation, but Technical Support will ultimately outline what is required and when the device can resume normal and non-bypassed operation.

To put a machine into Bypass:

  1. From the Enrollment page, click the checkbox in the respective row for that device.
  2. Click Actions - "Enable Bypass"
  3. In the back-end, this request is queued.
  4. When the sensor checks in, the request will be processed and the device will go into bypass.
  5. Verify that the device shows as Bypass-Enabled in the UI in Enrollment

Related solution

Cb Defense: Verify if a Sensor is in Bypass mode on the local workstation

Labels (1)
Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Creation Date: