Refer to the following troubleshooting resources for the Cortex XDR agent for Windows.
Resource | Description |
---|---|
Services, Drivers, and Processes | Services:
Drivers:
Processes:
|
Cortex XDR installation log | Specifies any errors encountered during installation of agent components. Use this log file when you need to troubleshoot installation issues. On Windows endpoints, the installer stores the log files in the |
Cortex XDR agent service log | Indicates information, warnings, and errors related to the Cortex XDR. The Service log is located in the following folder on the endpoint:
|
Cortex XDR agent console log | Indicates information, warnings, and errors related to the agent console. The Console log is located in the following folder on the endpoint:
|
Supervisor Command Line Tool (cytool.exe) | Allows you to manage agent features and perform advanced troubleshooting on the local endpoint from a command line interface. For more information, see Cytool for Windows. |
Unknown files for analysis | The agent stores unknown files to send to Cortex XDR in the In some cases, third-party Antivirus (AV) applications raise an alert for this folder. If this occurs, we recommend that you whitelist this folder in the third-party AV application. |
Cortex XDR Health Helper | Improves the upgrade process of the Cortex XDR agent, which monitors the machine at startup and initiates an upgrade rollback in case of a failed upgrade. As upgrades have multiple re-tries, the next try works on the agent of its original version with no interference. The service only runs at startup and remains in pause mode during other times. To ensure this service is not removed, a periodic task would re-instate the process in case it was removed. |