To generate the
SVA or
SVM Minimum Escalation Requirements (MER) file, perform the steps in this article.
For customer escalations, the MOVE AV Agentless MER tool must be used to collect the following:
- All relevant DEBUG level logs
- System information from the SVA or SVM
Enable DEBUG level logging, reproduce the issue, and run the MER tool.
- Log on to the MOVE Agentless SVA or SVM console:
login: svaadmin
password: <ENTER_PASSWORD>
- Enable DEBUG level logging using the following commands:
sudo /opt/McAfee/move/bin/chloglevel DEBUG DEBUG DEBUG
[sudo] password for svaadmin: <ENTER PASSWORD>
IMPORTANT: This command requires sudo permissions, and the MOVE services to be restarted.
Or, if a user is already within the /opt/McAfee/move/bin folder, use the command:
./chloglevel DEBUG DEBUG DEBUG
- Replicate the issue that is being investigated.
- Run the MOVE AV Agentless MER tool using the following command:
sudo /opt/McAfee/move/bin/move-av-agntls-mer
Or, if a user is already within the /opt/McAfee/move/bin folder, use the command:
./move-av-agntls-mer
NOTES:
- The results of the MER tool are located in a single file in the /opt/McAfee/move/log/ folder, and include MOVE AV Agentless logs as well as Trellix Agent logs and other system information.
- The MOVE Agentless MER tool asks if the user would like to upload the MER file to a remote Windows share. To do this action, you must provide the following information:
- Remote IP address for Windows share, using forward slash (Example: '//192.168.44.54/share-name')
- Domain
- User name
- Password
After the file transfer is complete, the MER file is saved on the specified share as:
move-av-agntls-mer.tar.gz
- Disable DEBUG level logging:
sudo /opt/McAfee/move/bin/chloglevel WARN WARN WARN
[sudo] password for svaadmin: <ENTER PASSWORD>
