Diagnostic files are listed in the table that appears on the Diagnostic Files tab of the Requested Files page.
Procedure
- Click the Diagnostic Files tab. Any diagnostic files uploaded to the server are shown in the table.
When you request a diagnostic file upload from an agent, a zip file is uploaded to the server with diagnostic and log files relevant to the agent. For example, on Windows systems, the zip file includes the agent Logs folder (ProgramData\Bit9\Parity Agent\Logs) and selected log files from the Windows folder. The exact files included in the zip file vary by operating system platform.
Uploaded diagnostic files are named in the following format:
<computername> -diagnostics-<date> -<time> .zipServer diagnostics files can be .log, .dmp, or other formats.
The following table shows the columns available for the Diagnostic Files page, some of which appear by default and some of which you must add.
Table 1. Diagnostic Files Table Columns Column
Description
Actions
The Action column includes a checkbox for choosing files on which Action menu commands will act and buttons for taking action on individual files. The Action menu on this page includes the following commands:
- Cancel Uploads – Cancel the upload of checked files (if the upload has not been completed).
- Retry Uploads – Retry the upload of checked files.
- Delete Uploads – Delete the table rows for checked files, and, for successful uploads, delete the files from the server.
Download the file (if it was successfully uploaded) from the Carbon Black App Control Server to the computer on which the console is being viewed. Priority
Priority in which pending files are uploaded to the server. For diagnostic files, the priority is always Medium.
Request Date
When the file upload was requested.
Requester
The console user that requested the upload, or blank if the file is a server log.
Status
The status of the file upload. The possible values are:
- Uploaded – The upload completed successfully and the file is available on the server.
- Uploading – The upload is in progress but not yet complete; a partial file has been received by the server. This status is likely to appear only for very large files.
- Initiated – The upload task has been received by the agent where the file is located.
- Queued – The upload task has not yet been sent to the agent.
- Error – The upload failed. Hovering the cursor over this status displays the error message. Errors include: No file with hash, The system cannot find the path specified, The system cannot find the file specified.
- Canceled – The upload was cancelled by a console user.
Computer
The name of the computer from which the file was uploaded.
File Name
The name of the uploaded file.
File Size
The size (in bytes) of the file.
Upload %
The percent of the upload that is finished. Completed uploads show 100%. Failed uploads and uploads not yet started show 0%.
Upload Date
When the file was uploaded to the server.
Upload Directory
The directory on the Carbon Black App Control Server to which the file was uploaded. Value is “(default)” for manual uploads, which use the directory configured in the System Configuration Advanced Options tab. If the upload is due to an event rule, the actual path is shown.
Error
A description of the error that prevented the file from uploading. Not shown by default.
File Path
The location on the agent computer from which the file was uploaded. Not shown by default.
Prevalence
The number of agent-managed computers reporting to your server on which this file is present.
MD5
The MD5 hash of the file.
SHA256
The SHA-256 hash of the file.
Source
Source of the request for upload. Either “Event rule” or “Manual”.
Source Name
If the request was due to an event rule, the name of the rule. If the request was manual, this field is empty.
