Environment
- App Control Agent: All Supported Versions
- Linux: All Supported Versions
Objective
To collect diagnostics for cases involving performance impacts.
Resolution
These commands need to be issued on the endpoint during the performance impact in order to accurately assess the situation.
- Open Terminal and issue the following commands:
cd /opt/bit9/bin
./b9cli --password GlobalCLIPassword
./b9cli --resetcounters
./b9cli --flushlogs
./b9cli --debuglevel 4
./b9cli --kerneltrace 4
./b9cli --nettrace 1
- Collect 5-10 minutes of data during the ongoing performance issues.
- Download the cbp-linux-sys-info script, extract and execute it. Once completed, collect the resulting /tmp/cbp-linux-sys-info.tgz file.
- Take a snapshot of the running b9daemon process using the gcore command (gcore is included with gdb which you may need to install).
gcore 'pidof b9daemon'
- Capture and stop debug logging:
sudo ./b9cli --capture /var/tmp/$HOSTNAME-PerformanceLogs.zip
./b9cli --password GlobalCLIPassword
./b9cli --debuglevel 0
./b9cli --kerneltrace 2
./b9cli --nettrace 0
- Collect the System Logs.
sudo tar cvfz /var/tmp/$HOSTNAME-SystemLogs.tgz /var/log
- After collection has completed, temporarily shutdown & unload the Agent, then reproduce with the TOP command:
top -c -n 10 -d 5 >> /var/tmp/$HOSTNAME-top_output.txt
- While the Agent is shutdown & unloaded, collect a FAPREDEP capture.
- Upload all collected data to the Vault.
Related Content