Endpoint Standard: How to Use ProcDump to Gather Application / Service Crash Logs

Environment

  • Endpoint Standard (formerly CB Defense sensor): All Supported Versions
  • Microsoft Windows: All Supported Versions
  • An application or service crashes while the sensor is installed and active

Objective

Capture a crash dump of the failing application or service so the crash can be analyzed.

Resolution

  1. Download ProcDump (ProcDump - Windows Sysinternals) and extract the archive to a folder on the affected device. Keep the extracted files together, as the archive ships separate 32-bit and 64-bit executables.
  2. Open a Command Prompt window as Administrator. Registering a post-mortem debugger writes to HKLM, so an elevated prompt is required.
  3. Navigate to the folder you extracted ProcDump into.
  4. Execute "procdump -accepteula -ma -i" to register ProcDump as the post-mortem (AeDebug) debugger on the device. "-ma" writes a full memory dump, "-i" performs the registration, and "-accepteula" prevents the EULA dialog from blocking a non-interactive launch. To write dumps somewhere other than the current folder, pass the folder after "-i", for example "procdump -accepteula -ma -i C:\CrashDumps".
  5. Recreate the issue that caused the application or service to crash previously.
  6. A dump file (.dmp) named after the crashing process is written to the folder procdump.exe was executed from (or the folder given in step 4).
  7. Once the dump has been captured, execute "procdump -u" from the same prompt to restore the previous post-mortem debugger configuration.
  8. Upload the dump file(s) to the CB Vault.
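The procedure above, wrapped in a PowerShell script that adds the checks a practitioner would want: it verifies the AeDebug registration after install, restores the previous configuration on uninstall, and hashes the captured dumps before upload. This is an added example, not a script from the original article or from Carbon Black. The extraction folder (C:\Tools\ProcDump) and dump folder (C:\CrashDumps) are assumptions; the ProcDump switches (-accepteula, -ma, -i, -u) and the AeDebug registry keys are real.

```powershell
# Added example (not from the original article): ProcDump post-mortem debugger
# install / status / uninstall with verification. $ProcDumpDir and $DumpDir are
# assumed locations; adjust them for the device being troubleshot.
#Requires -RunAsAdministrator
param(
    [ValidateSet('Install', 'Uninstall', 'Status')]
    [string]$Action      = 'Install',
    [string]$ProcDumpDir = 'C:\Tools\ProcDump',   # assumed: folder the Sysinternals zip was extracted to
    [string]$DumpDir     = 'C:\CrashDumps'        # assumed: where dumps should be written
)

$procdump = Join-Path $ProcDumpDir 'procdump.exe'
if (-not (Test-Path $procdump)) { throw "procdump.exe not found in $ProcDumpDir" }

# AeDebug holds the post-mortem debugger Windows launches on an unhandled exception.
# 64-bit and 32-bit (WOW64) processes consult separate keys.
$aeDebugKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug'
)

function Show-AeDebug {
    foreach ($key in $aeDebugKeys) {
        if (Test-Path $key) {
            $v = Get-ItemProperty -Path $key
            "{0}`n  Debugger = {1}`n  Auto     = {2}" -f $key, $v.Debugger, $v.Auto
        }
    }
}

switch ($Action) {
    'Install' {
        New-Item -ItemType Directory -Path $DumpDir -Force | Out-Null
        # -accepteula: no EULA dialog when launched non-interactively by the crash handler
        # -ma: full memory dump   -i <folder>: register as AeDebug debugger, write dumps to <folder>
        & $procdump -accepteula -ma -i $DumpDir
        # Verify the registration actually landed before asking the user to reproduce the crash.
        $dbg = (Get-ItemProperty -Path $aeDebugKeys[0] -ErrorAction SilentlyContinue).Debugger
        if (-not $dbg -or $dbg -notmatch 'procdump') {
            throw "AeDebug Debugger value does not reference procdump: '$dbg'"
        }
        Show-AeDebug
        Write-Host "Reproduce the crash now; dumps will appear in $DumpDir."
        Write-Host "Run this script with -Action Uninstall once the dump has been captured."
    }
    'Uninstall' {
        # -u restores the previous AeDebug configuration. A custom post-mortem debugger is a
        # known persistence location, so never leave the registration behind after troubleshooting.
        & $procdump -u
        Show-AeDebug
        # Hash each dump so the copy uploaded to the CB Vault can be checked against the original.
        # Full dumps (-ma) contain the whole process address space and may hold secrets: handle as sensitive.
        Get-ChildItem -Path $DumpDir -Filter '*.dmp' -ErrorAction SilentlyContinue |
            Get-FileHash -Algorithm SHA256 |
            Format-Table Hash, Path -AutoSize
        Write-Host "Upload the .dmp files to the CB Vault, then delete local copies."
    }
    'Status' { Show-AeDebug }
}
```

Run it from an elevated PowerShell prompt as `.\Register-ProcDump.ps1 -Action Install` (assumed file name), reproduce the crash, then `.\Register-ProcDump.ps1 -Action Uninstall`. The Status action shows the current AeDebug values, which is the quickest way to confirm the device was left in its original state.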

Additional Notes

Any additional error messages generated by the application or service during the crash should be captured with screenshots, as they may be helpful. Please include the time they occurred, as this aids log review. Note that a full memory dump ("-ma") contains the entire address space of the crashing process and may include credentials, tokens or other secrets; treat it as sensitive data, upload it only to the CB Vault and delete local copies once the case is closed.

Article Information
Creation Date: 08-08-2018