Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: How to execute an immediate full feed sync

EDR: How to execute an immediate full feed sync

Environment

  • EDR Server:  All versions

Objective

Execute an immediate Threat Intelligence feed sync to download latest threat intelligence for all feeds.

Resolution

  • For 6.2.1 and earlier EDR Server versions, execute as root (master only on a cluster)
/usr/bin/python -m cb.maintenance.job_runner --master -s feed_sync --full-sync
  • For 6.2.2 and later EDR Server versions, execute as root (master only on a cluster)
/usr/share/cb/virtualenv/bin/python -m cb.maintenance.job_runner --master -s feed_sync --full-sync

Additional Notes

  • Replace "-s" with "-vvv" in the commands when verbose output is required for validation.  Using "-s" will generate a silent feed sync, while "-vvv" will generate verbose feed sync output.  
  • Users will encounter an error: "/usr/bin/python: No module named cb.maintenance" when attempting to execute the 6.2.1 format command against 6.2.2 and later Cb Response Server releases.  

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎09-19-2018
Views:
982
Contributors