View Sensor Logs
You can view sensor logs to troubleshoot issues with a sensor.
In this topic:
Retrieve logs
In the System > Sensors screen, select the sensor(s) from the list. You can fetch logs for up to 10 sensors at once.
Above the sensor list, click Actions.
In the action list, select Fetch sensor log.
Click Action log/In progress from the top right corner of the screen. When the Cybereason platform log retrieves the log from the sensor and displays a Success message, click Download log.
Your browser downloads a zip file including the following log file(s) to your machine:
Sensor logs
Anti-Malware (signatures) log
Anti-Ransomware log
Execution Prevention service log
Application Control log
Anti-Malware (artificial intelligence) log
Example: Accessing sensor logs
Here is an example of accessing the Anti-Malware (signatures feature) log:
On the machine, in the
C:\ProgramData\apv2\Logs
folder, find the AmSvc.log log file, alongside the other sensor log files:
Open the file. Here is how it appears, displaying notifications of first time update and malware detection:
Find log files on sensor machines
If a sensor is not connected and you need to troubleshoot an issue on the sensor, you can access sensor logs directly on the machine. The tables below show the location and name of log files.
Machines with Windows 7 and higher or Windows Server 2008 and higher:
Log type |
Log name |
Log location |
---|---|---|
Sensor logs |
Several log files. Main log file is: CybereasonActiveProbe.log |
C:\ProgramData\apv2\Logs |
Sensor communication logs |
CybereasonActiveConsole.log |
C:\ProgramData\apv2\Logs |
Anti-Malware signatures log |
AmSvc.log |
C:\ProgramData\apv2\Logs |
Anti-Ransomware log |
CybereasonCrs.log |
C:\ProgramData\crs1 |
Execution Prevention service log |
CRExecPrev.log |
C:\ProgramData\crb1 |
Application Control log |
AcScanner.log |
C:\ProgramData\crb1 |
Anti-Malware (artificial intelligence) log |
NGAV.log |
C:\ProgramData\crb1 |
Other operating systems:
Operating system |
Sensor log location |
---|---|
Mac |
/usr/local/cybereason/Logs |
Linux |
/opt/cybereason/sensor/Logs/ |