Traps Troubleshooting Resources
To troubleshoot Traps and the Endpoint Security Manager (comprising an ESM Server, the ESM Console, and a database), use the following resources:
Web interface, which provides reports and logs. The information is useful for monitoring and filtering the logs to interpret unusual behavior on your network. After analyzing a security event, you can choose to create a custom rule for the endpoint or process.
ESM Server DebugWeb log
Indicates information, warnings, and errors related to the Endpoint Security Manager. The DebugWeb log is located in the %ProgramData%\Cyvera\Logs folder of the ESM Server.
ESM Server log
Indicates information, warnings, and errors related to the Endpoint Database and ESM Server. The Server log is located in the %ProgramData%\Cyvera\Logs folder of the ESM Server.
ESM Tech Support file
On-demand aggregation of active ESM Console and ESM Server logs and settings to aid Technical Support in troubleshooting and diagnosing issues. For more information, see ESM Tech Support File.
Database (DB) Configuration Tool (dbconfig.exe)
Command-line interface that provides an alternative to managing basic server settings using the ESM Console. You can access the DB Configuration Tool using a Microsoft MS-DOS command prompt run as an administrator. For more information, see Database (DB) Configuration Tool.
Traps installation log
Specifies any errors encountered during installation of Traps or ESM components. Use this log file when you need to troubleshoot installation issues. On Windows endpoints, the installer stores the log files in the %temp% or C:\Users\<user_name>\AppData\Local\Temp folder.
Traps Service log
Indicates information, warnings, and errors related to the Traps service. The Service log is located in the following folder on the endpoint:
Traps Console log
Indicates information, warnings, and errors related to the Traps console.
The Console log is located in the following folder on the endpoint:
Traps and ESM initiated processes
Supervisor Command Line Tool (cytool.exe)
Allows you to enumerate protected processes, enable or disable protection features, and enable or disable Traps management actions from a command line interface. For more information, see Cytool.
Unknown files for analysis
Traps stores unknown files to send to the ESM Server in the C:\ProgramData\Cyvera\Temp folder. After the ESM Server submits a file to WildFire, the Traps agent deletes the file from the Temp folder.
In some cases, third-party Antivirus (AV) applications can raise an alert for this folder. If this occurs, it is recommended to whitelist this folder in the third-party AV application.
Why can’t I install Traps?
Why can’t I install Traps? Symptom Traps Setup reports the following error: Service “Traps” (CyveraService) failed to start. Verify that you have sufficient privileges. Possible ...
Troubleshooting Traps Troubleshooting Resources Traps and Endpoint Security Manager Processes ESM Tech Support File Database (DB) Configuration Tool Cytool Troubleshoot Traps Issues Troubleshoot ESM Console ...
Traps Endpoint Security Manager Known Issues
Known issues with the Traps Endpoint Security Manager and Traps agent 4.1. ...
Issues Addressed in Traps Endpoint Security Manager 4.1.4
Issues Addressed in Traps Endpoint Security Manager 4.1.4 The following table lists the issues that are addressed in the Traps™ 4.1.4 release. For new features ...
Verify Connectivity from the Endpoint
Verify Connectivity from the Endpoint After successfully installing Traps, the Traps agent should be able to connect to the server that is running the Endpoint ...
Traps Agent Settings Rules
Traps Agent Settings Rules Agent settings rules enable you to change preferences related to Traps from a central location. From the Settings Agent Settings page, ...
Install the Endpoint Security Manager Console Software
Install the Endpoint Security Manager Console Software You can install the ESM Console software on a dedicated server or on the same server as the ...
Change the Forensic Folder Destination Using the ESM Consol...
Change the Forensic Folder Destination Using the ESM Console To allow you to further troubleshoot or analyze security events, such as a prevention or crash, ...
Manage ESM Server Settings
Manage ESM Server Settings The ESM Server facilitates communication between Traps agents and WildFire. The ESM Server periodically communicates with WildFire to send unknown files ...