- Used when logs are not giving enough information about the issue.
-
You have already done the necessary troubleshooting steps such as troubleshooting the network and normal 'info' logs
-
Obtaining the verbose logs for a deeper dive into a scan:
Agent:
To obtain the 'verbose' logs of the agent we will need to modify the config.toml file which is located in C:\Program Files\Infocyte\Agent --> config.toml. Here are the following steps to get the 'verbose' logs of the agent now that we have the path:
-
Open Notepad as Admin on the Host
-
In Notepad go to File --> Open.. --> Navigate to C:\Program Files\Infocyte\Agent.
-
Change the file type to 'All Documents' --> Open the config.toml file.
-
Change the log-level from 'info' to 'verbose'.
-
Save the new config.toml file (reopen the config.toml file to make sure it was changed correctly).
-
Restart the Infocyte Hunt Agent service.
- Now conduct an individual scan on this host and retrieve the new logs.
Controller:
To obtain the 'verbose' logs for the controller we will need to modify the config.json file which is located in C:\Program Files\Infocyte\Hunt Controller --> config.json. Here are the following steps to get the 'verbose' logs for the controller now that we have the path:
-
Open Notepad as Admin on the controller machine
-
In Notepad go to File --> Open.. --> Navigate to C:\Program Files\Infocyte\Hunt Controller --> config.json.
-
Change the file type to 'All Documents' --> Open the config.json file.
-
Change the log-level from "info" to "verbose".
-
Save the new config.json file (reopen the config.json file to make sure it was changed correctly).
-
Restart the Infocyte Hunt Controller service.
-
Now conduct a temp scan and retrieve the new logs.
The logs will now be verbose and will give us more information on the scan.
Comments
0 comments
Please sign in to leave a comment.