Creating Deep Security diagnostic packages

Product / Version includes:

Deep Security11.1 , Deep Security11.2 , Deep Security20.0 , Deep Security11.0 , Deep Security10.2 , Deep Security10.1 , Deep Security10.0 , Deep Security12.0 , Deep SecurityAll , Deep Security10.3

Last updated: 2024/04/24

Solution ID: KA-0001618

Category: Troubleshoot

Summary

Learn how to create a diagnostic package for Deep Security Manager (DSM), Deep Security Agent (DSA), and Deep Security Virtual Appliance (DSVA) from the Deep Security console or via command line.

To create a diagnostic package:

EXPAND ALL

For Deep Security Manager

From DSM console (recommended)

Log in to the DSM.
Go to Administration tab > System Information in the tree view.
Click the Create Diagnostics button.

From command line

Log in to the machine hosting the DSM.
Open the command prompt.
Navigate to the Deep Security Manager folder.
Enter either of these commands:
- - dsm_c -action diagnostic (does not include the debug.xml file)
  - dsm_c -action debug (includes the debug.xml file)
Diagnostic log is found in C:\Program Files\Trend Micro\Deep Security Manager

For Deep Security Agent

From DSM console (recommended)

Log in to the DSM and go to the Computers tab.
Navigate to the computer's tree view and select the computer that you will create the diagnostics for.
Double-click the computer.
In the Overview page, go to the Actions tab.
Click the Create Diagnostic Package button.

From command line (Windows)

Log in to the machine hosting the DSA.
Open the command line.
Navigate to the Deep Security Agent folder.
Run the following command:
```
dsa_control –d
```
DSA log is found in C:\ProgramData\Trend Micro\Deep Security Agent\diag

From command line (Linux, AIX, or Solaris)

Connect to the server that you want to generate the diagnostic package for.
Enter the command:
```
sudo /opt/ds_agent/dsa_control -d
```
The output shows the name and location of the diagnostic package: /var/opt/ds_agent/diag

For Deep Security Virtual Appliance

From DSM console (recommended)

Log in to the DSM and go to the Computers tab.
Navigate to the computer's tree view and select the computer that you will create the diagnostics for.
Double-click the computer.
In the Overview page, go to the Actions tab.
Click the Create Diagnostic Package button.

From command line

Log in to the DSVA.
Press Alt+F2 to switch to the terminal.
Log in with username: dsva
Navigate to the /opt/ds_agent folder.
Run the following command:
sudo ./dsa_control -d
Start SSH on the DSVA by following the steps outlined in the KB article, Enabling SSH access on Deep Security Virtual Appliance (DSVA).
Once SSH is up and running, use WinSCP for Windows or SCP for Linux to retrieve the diagnostic package file from the DSVA.

The command line diagnostics generation is a feature added in version 7.5. The later versions of DSA do not have this ability. There is a script on Linux called dsa-state-capture that can be run to get the Linux information, but there is none for Windows.

You can run msinfo32 on a Windows machine if you wish to collect some information.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Creating Deep Security diagnostic packages

For Deep Security Manager

For Deep Security Agent

For Deep Security Virtual Appliance

Creating Deep Security diagnostic packages

Product / Version includes:

Summary

For Deep Security Manager

For Deep Security Agent

For Deep Security Virtual Appliance