App Control: Collecting Historical Logs Remotely for Server Troubleshooting

App Control: Collecting Historical Logs Remotely for Server Troubleshooting

Environment

  • App Control (Formerly CB Protection) Server: All Versions

Objective

To remotely collect historical logs for troubleshooting the App Control Server.

Resolution

  1. Gather the following information:
    • What version of the App Control Server are you running?
    • What version of SQL are you using?
    • Is the SQL database located on the same server as the App Control Server?
    • How much of that total RAM is dedicated to the SQL instance hosting the DAS database?
    • What error message or Bit9 events are you receiving regarding this issue?
    • When did it start?
    • Were there any new changes on the server(s) or the network recently?
  2. Collect App Control Server logs:
    1. Log in to the App Control Console.
    2. Browse to https://<server name>/support.php and go to the Diagnostics tab.
    3. Click on 'Snapshot Server Logs'
    4. Click on “Available log files" from the right hand side 'Related Views' menu link
    5. Save a copy of the 3 files:
      • PHPErrors-date-time.log
      • ReporterLog-date-time.log
      • ServerLog-date-time.bt9
    6. Collect Windows Application and System Event logs. 
    7. Upload all collected data to: https://community.carbonblack.com/t5/CB-Vault/gp-p/g-4922
    8. Once the upload completes, please comment in your case that the data is available for review.

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
100% helpful (2/2)
Article Information
Author:
Creation Date:
‎11-20-2018
Views:
3618
Contributors