Learn how to retrieve the password to access files from the Tech Support File (TSF), which is generated in a zip format protected by an encrypted password.
From Cortex XDR agent, the Tech Support File (TSF) is generated by the Cytool command log collect in a zip format that is protected by an encrypted password. The TSF file is archived inside another file which includes a metadata file that contains a token. This token is used to retrieve the password to unzip the TSF file.
There are two methods to retrieve the TSF file password:
Go to → →
At the top of the page, click the key icon
(Tokens and Passwords) and select Retrieve Support File Password.In the Retrieve Support File Password dialog box, in the Encrypted Password field, paste the token that you copied from the metadata file located in the saved file when running the Cytool log collect command.
Click the copy button to copy the password displayed and then click Ok. Use the password to unzip the TSF file.