Collect Broker VM Logs

Whenever necessary, you can collect logs from any broker VM. You can then review these logs as part of an investigation.
Cortex
XDR
enables you to collect your broker VM logs directly from the
Cortex
XDR
management console.
You can collect logs by either regenerating the most up-to-date logs and downloading them once they are ready, or downloading the current logs from the last creation date reflected in the TIMESTAMP.
  1. In
    Cortex
    XDR
    , select
    Settings
    Configurations
    Data Broker
    Broker VMs
    to view the
    Broker VMs
    table.
  2. Locate your broker VM, right-click and select one of these options depending on the type of logs you want to download.
    • Broker Management
      Generate New Logs
      — Regenerates the most up-to-date logs and downloads them once they are ready.
    • Broker Management
      Download Logs (<TIMESTAMP>)
      —Downloads the logs from the last creation date reflected in the
      <TIMESTAMP>
      displayed. This option is only displayed when you’ve downloaded your logs previously using
      Generate New Logs
      .
    Logs are generated automatically, but can take up to a few minutes depending on the size of the logs.

Recommended For You