Cortex XDR enables you to collect your broker VM logs directly from the Cortex XDR management console.
You can collect logs by either regenerating the most up-to-date logs and downloading them once they are ready, or downloading the current logs from the last creation date reflected in the TIMESTAMP.
In Cortex XDR , select → → → to view the Broker VMs table.
Locate your broker VM, right-click and select one of these options depending on the type of logs you want to download.
Generate New Logs— Regenerates the most up-to-date logs and downloads them once they are ready.
Download Logs (<TIMESTAMP>)—Downloads the logs from the last creation date reflected in the <TIMESTAMP> displayed. This option is only displayed when you’ve downloaded your logs previously using Generate New Logs.
Logs are generated automatically, but can take up to a few minutes depending on the size of the logs.