Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: How to Display the Service Status with RHEL/CentOS 7

EDR: How to Display the Service Status with RHEL/CentOS 7

Environment

  • EDR Server: 6.2.4 and above
  • RHEL/CentOS 7.x

Objective

When running "sudo systemctl start/stop cb-enterprise" there is no output

Resolution

  1. Open a new terminal/ssh session
  2. Run the following command after running "sudo systemctl start/stop cb-enterprise" in the other session
    journalctl -fexu cb-enterprise
    1. Ctrl+c to exit will be needed when complete

    Additional Notes

    • Running "sudo systemctl start/stop cb-enterprise && journalctl -fexu cb-enterprise" will work but it will only display once services stop / start have completed
    • sudo has to be run for the start and stop commands, even when in root
    • Systemctl only outputs when a service has failed. This is to give similar output to RHEL6/CentOS 6

    Related Content


    Labels (1)
    Tags (2)
    Was this article helpful? Yes No
    No ratings
    Article Information
    Author:
    Creation Date:
    ‎12-18-2018
    Views:
    3031
    Contributors