Environment
Objective
Execute an immediate Threat Intelligence feed sync to download latest threat intelligence for all feeds.
Resolution
- For 6.2.1 and earlier EDR server versions, execute as root (master only on a cluster)
/usr/bin/python -m cb.maintenance.job_runner --master -s feed_sync --full-sync
- For 6.2.2 and later EDR server versions, the "Sync all" option is available on the Threat Intelligence page under Actions
Additional Notes
- Replace "-s" with "-vvv" in the commands when verbose output is required for validation. Using "-s" will generate a silent feed sync, while "-vvv" will generate verbose feed sync output.
- If there are errors faced using the sync all option, there may be command options however utilising the console should be the first option
Related Content