- Using dashboards
- Managing alerts across Cylance Endpoint Security services
- Managing users, devices, and groups
- Manage CylancePROTECT Desktop and CylanceOPTICS devices
- Manage zones
- Manage devices with the CylancePROTECT Mobile app
- Manage CylancePROTECT Mobile app and CylanceGATEWAY users
- View CylanceAVERT user details
- Manage user groups
- Configure device lifecycle management
- View a list of applications installed on CylancePROTECT Desktop devices
- Remove a registered FIDO device for a user account
- Discover unprotected devices
- Managing threats detected by CylancePROTECT Desktop
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, domain, or installer source to the CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- Using the BlackBerry Support Collection Tool
- Using the Report a problem feature
- Removing the BlackBerry Connectivity Node software from Cylance Endpoint Security
- Troubleshooting CylancePROTECT Desktop
- Remove the CylancePROTECT Desktop agent from a device
- Re-register a Linux agent
- Troubleshoot update, status, and connectivity issues with CylancePROTECT Desktop
- A large number of DYLD Injection violations are reported by Linux devices
- Time zone variances for CylancePROTECT Desktop
- Folder exclusions when using CylancePROTECT Desktop with third-party security products
- Linux driver is not loaded. Upgrade the driver package.
- Troubleshooting CylanceOPTICS
- Managing threats detected by CylancePROTECT Mobile
- View mobile OS vulnerabilities
- Monitoring network connections with CylanceGATEWAY
- Monitoring sensitive files with CylanceAVERT
- BlackBerry Docs
- Cylance Endpoint Security
- Cylance Endpoint Security
- Cylance Endpoint Security Administration Guide
- Managing logs
- Manage logs for the CylancePROTECT Desktop agent
- Linux logging
- Collect agent log files from Linux devices
Collect agent log files from Linux devices
Linux
devicesUse the following commands to gather agent log files from a
Linux
device. Log files are stored on the device for 30 days. You must have root permissions to gather log files.Red Hat
and CentOS
ps aux > ~/ps.txtph product="Cylance">sudo pmap -x $(ps -e | grep cylancesvc | cut -d ‘ ‘ -f 1) > ~/maps.txt cat /proc/cpuinfo > ~/cpu.txt cat /proc/meminfo > ~/mem.txt cat /proc/mounts > ~/mounts.txt cat /proc/modules > ~/modules.txt cat /proc/slabinfo > ~/slabinfo.txt tar -cvzf cylancelogs-$(date --rfc-3339=’date’).tgz /var/log/messages* /opt/cylance/desktop/log ~/maps.txt ~/cpu.txt ~/mounts.txt ~/modules.txt ~/ps.txt ~/mem.txt ~/slabinfo.txt
Ubuntu
ps aux > ~/ps.txt sudo pmap -x $(ps -e | grep cylancesvc | cut -d ‘ ‘ -f 2) > ~/maps.txt cat /proc/cpuinfo > ~/cpu.txt cat /proc/meminfo > ~/mem.txt cat /proc/mounts > ~/mounts.txt cat /proc/modules > ~/modules.txt cat /proc/slabinfo > ~/slabinfo.txt tar -cvzf cylancelogs-$(date --rfc-3339=’date’).tgz /var/log/syslog* /opt/cylance/desktop/log ~/ps.txt ~/maps.txt ~/cpu.txt ~/mounts.txt ~/modules.txt ~/slabinfo.txt ~/mem.txt
Amazon
and SUSE
Linux
ps aux > ~/ps.txt sudo pmap -x $(ps -e | grep cylancesvc | cut -d ' ' -f 2) > ~/maps.txt cat /proc/cpuinfo > ~/cpu.txt cat /proc/meminfo > ~/mem.txt cat /proc/mounts > ~/mounts.txt cat /proc/modules > ~/modules.txt cat /proc/slabinfo > ~/slabinfo.txt tar -cvzf cylancelogs-$(date --rfc-3339='date').tgz /var/log/messages* /opt/cylance/desktop/log ~/ps.txt ~/maps.txt ~/cpu.txt ~/mounts.txt ~/modules.txt ~/slabinfo.txt