Agent Log Collection
Question
An operator needs to collect Xshield agent logs from the server for troubleshooting.
Answer
Typically, agent logs (to be used for troubleshooting) can be collected from the Xshield security platform. However, this method works only when the agent has connectivity to the Xshield security platform.
When connectivity has been lost and the logs are still required, follow the procedures below to collect the logs locally, then have the customer retrieve them and ship them to the ColorTokens Technical Support Team for further analysis.
Windows
From the desktop, open cmd or PowerShell as an admin user. Run the commands below at the prompt:
- cd "C:\Program Files\Colortokens\xshield-monitoring-agent\"
- .\ctagent.exe diags (in PowerShell) or ctagent diags (in cmd)
The diagnostics log file will be stored in the "C:\tmp" directory.
Linux
Open a terminal window using the application of your choice. You must be logged in as an admin user or have sudo privileges.
Run the commands below:
- cd /etc/colortokens/
- ./ctagent diags
The diagnostics log file will be stored in "/etc/colortokens-cmd/diagnose/".
AIX
The procedure is the same as for Linux.