Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000126416

How to Determine the Signature Version for VMware Carbon Black

Summary: How to find out what the latest virus definition for VMware Carbon Black is and what the current installed virus definition is on an endpoint.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

Affected Products:

  • VMware Carbon Black

This article discusses how to check the local signature version for VMware Carbon Black. VMware Carbon Black uses a technology that is called Virus Definition Files (VDF) to load signatures for use locally. Several methods are available to validate the latest VDF version and the VDF version that is installed on an endpoint.

Cause

Not Applicable

Resolution

To verify the latest VDF version available and the Published Date open the link below:
https://www.carbonblack.com/vdflookup/ This hyperlink is taking you to a website outside of Dell Technologies.

VDF History Search Page
Figure 1: (English Only) VDF History Search Page

It is possible to verify the VDF version that is installed on a specific endpoint following the steps below:

  1. Log in to Carbon Black Cloud console.
  2. Go to Endpoints page:

Click Endpoints
Figure 2: (English Only) Click Endpoints

  1. Search for a specific endpoint by name or using the available filters:

Search for endpoint
Figure 3: (English Only) Search for endpoint

  1. Hover the hover over the sign in the SIG column and wait for the text to appear showing the VDF Version installed on the endpoint:

Hover over SIG field
Figure 4: (English Only) Hover over SIG field

With online access not always being available, it is possible to check the local signature version on the endpoint through RepCLI. Approved administrators through CLI_USERS do not have to have been set to leverage this method.

  1. Log in to the endpoint with an administrative user.
  2. Right-click Start > Run.
  3. In the Run dialog box type cmd and click OK to open a Command Prompt:

Run cmd
Figure 5: (English Only) Run cmd

  1. Browse to the folder C:\Program Files\Confer typing the command:
cd C:\Program Files\Confer
  1. To check the VDF version run the command below:
Repcli status

The Local Scanner Version correlates to the version of the VDF files on the endpoint.

Run commands in Command Prompt
Figure 6: (English Only) Run commands in Command Prompt

Note: If a policy disables On-Access Scanning, or if no signature files have been updated on the endpoint, the Local Scanner Version may be blank.

To update the local signature version on the endpoint through RepCLI Follow the below steps.

  1. Log in to the endpoint with an administrative user.
  2. Right-click Start > Run.
  3. In the Run dialog box type cmd and click OK to open a Command Prompt:

Run cmd
Figure 7: (English Only) Run cmd

  1. Browse to the folder C:\Program Files\Confer typing the command:
cd C:\Program Files\Confer
  1. To update the VDF version, run the command below:
Repcli updateavsignature -wait

Run commands in Command Prompt
Figure 8: (English Only) Run commands in Command Prompt

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

 

Article Properties

Affected Product

VMware Carbon Black

Last Published Date

03 Aug 2023

Version

10

Article Type

Solution

Back to Top