Knowledge Base

Access official resources from Carbon Black experts

Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Environment

EDR Server: All versions

Objective

Execute an immediate Threat Intelligence feed sync to download latest threat intelligence for all feeds.

Resolution

For 6.2.1 and earlier EDR Server versions, execute as root (master only on a cluster)

/usr/bin/python -m cb.maintenance.job_runner --master -s feed_sync --full-sync

For 6.2.2 and later EDR Server versions, execute as root (master only on a cluster)

/usr/share/cb/virtualenv/bin/python -m cb.maintenance.job_runner --master -s feed_sync --full-sync

Additional Notes

Replace "-s" with "-vvv" in the commands when verbose output is required for validation. Using "-s" will generate a silent feed sync, while "-vvv" will generate verbose feed sync output.
Users will encounter an error: "/usr/bin/python: No module named cb.maintenance" when attempting to execute the 6.2.1 format command against 6.2.2 and later Cb Response Server releases.

Related Content

EDR: How to tag/untag feed binaries and events

Article Information

Author:

Creation Date:

‎09-19-2018

Views:

982