Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: How to Start, Stop and Restart EDR Application Services

EDR: How to Start, Stop and Restart EDR Application Services

Environment

  • EDR 7.4.0 and Higher

Objective

To start or stop the cb-enterprise (EDR) services on the command line.

Resolution

Standalone Server

  1. Log into the stand-alone server 
  2. Service commands
    • To start services, run:
      sudo /usr/share/cb/cbservice cb-enterprise start
  • To stop services:
    sudo /usr/share/cb/cbservice cb-enterprise stop
  • To restart services
    sudo /usr/share/cb/cbservice cb-enterprise restart


Clustered Environment

  1. Log into the Primary server
  2. Service Commands
    • To start the Cluster
      /usr/share/cb/cbcluster start
    • To stop the Cluster
      /usr/share/cb/cbcluster stop
    • To restart the cluster
      /usr/share/cb/cbcluster stop && /usr/share/cb/cbcluster start

Additional Notes

  • cbcluster should always be used for clustered environments. If a single node needs to be taken down for maintenance, the whole cluster needs to be taken down as the Datagrid and RabbitMQ communication will break. 
  • These commands replace the older service and systemctl commands that were previously used to start and stop EDR.  

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎08-18-2021
Views:
1548
Contributors