Snare Agents – Getting the Debug Log
SUMMARY
Dec 02, 2016
To further investigate your issue, it is helpful if the Support team is provided with the debug log for your agent. This will log information on objectives that are targeted and for Epilog, any filename and new log records it has detected.
Snare Agent for Windows
Start a command prompt on the machine where Snare is installed, as Administrator and change directory to your Snare installation (e.g. c:\Program Files\Snare).
Execute the following:
> net stop snare
> snarecore -c -d9 > my-debug.log
(where my-debug.log is the name given to your file output)Let this run for a few minutes and then Ctrl-C to stop the log.
Attach the output file to the support ticket. Don't forget to restart Snare:
> net start snare
Snare Epilog for Windows
Start a command prompt on the machine where Epilog is installed, as Administrator and change directory to your Epilog installation (e.g. c:\Program Files\Epilog).
Execute the following:
> net stop epilog
> epilog -d9 > my-debug.log
(where my-debug.log is the name given to your file output)Let this run for a few minutes and then Ctrl-C to stop the log.
Attach the output file to the support ticket. Don't forget to restart Snare:
Snare Agent for MSSQL
Start a command prompt on the machine where Snare MSSQL is installed, as Administrator and change directory to your Snare MSSQL installation (e.g. c:\Program Files\SnareMSSQL).
Execute the following:
Let this run for a few minutes and then Ctrl-C to stop the log.
Attach the output file to the support ticket. Don't forget to restart Snare: