End-of-Life (EoL)

Troubleshooting Resources for Cortex XDR Agent for Windows

Use the resources in this topic to troubleshoot the Cortex XDR agent 7.0 on Windows endpoints.
Resource
Description
Cortex XDR™ installation log
Specifies any errors encountered during installation of agent components. Use this log file when you need to troubleshoot installation issues. On Windows endpoints, the installer stores the log files in the
%temp%
or
C:\Users\<user_name>\AppData\Local\Temp
folder.
Cortex XDR agent service log
Indicates information, warnings, and errors related to the Cortex XDR. The Service log is located in the following folder on the endpoint:
  • Windows Vista or a later Windows OS
    %ProgramData%\Cyvera\Logs
  • Windows XP
    C:\Document and Settings\All Users\Application Data\Cyvera\Logs
Cortex XDR agent console log
Indicates information, warnings, and errors related to the agent console. The Console log is located in the following folder on the endpoint:
  • Windows Vista or a later Windows OS
    C:\Users\<username>\AppData\Roaming\Cyvera
  • Windows XP
    C:\Document and Settings\<username>\Application Data\Cyvera\Logs
Supervisor Command Line Tool (cytool.exe)
Allows you to manage agent features and perform advanced troubleshooting on the local endpoint from a command line interface. For more information, see Cytool for Windows.
Unknown files for analysis
The agent stores unknown files to send to Cortex XDR in the
C:\ProgramData\Cyvera\Temp
folder. After Cortex XDR submits a file to WildFire®, the agent deletes the file from the Temp folder.
In some cases, third-party Antivirus (AV) applications raise an alert for this folder. If this occurs, we recommend that you whitelist this folder in the third-party AV application.

Recommended For You