Skip to main content

-detect

Use this command-line switch to search for traces of a running security agent.

The following table lists the usage examples for the detect switch.

OS

Operation

Windows

eps.rmm.exe -detect [-r]

macOS

./eps.rmm -detect

Linux

./eps.rmm -detect

Switch

Description

-detect

Verify and report if the product is running or not on the endpoint.

The following statuses are currently supported:

  • 0 : There is no detectable instance of the product running on the endpoint

  • 1 : The product is running and all services are up and running

  • 2 : The product appears to be running on the endpoint but not all services are functioning.

    Consider updating and restarting some of the services and perform the operation later.

    If subsequent operations report the same status this is an indication of a misconfigured product. Consider repeating the installation or contact support.

  • 3 : This status is returned only when the detect command-line is executed with the additional –r parameter. If this code is returned, it indicates that a previous security agent maintenance operation required a reboot to be completed. In such scenarios, consider performing a reboot until proceeding with another install/maintenance operation.

-r

An optional parameter supported on Windows only. When specified, it performs a reboot requirement assessment of the system. If a previous maintenance operation finished with a reboot required state (such as uninstall, or competitor removal operation) it will prompt the RMM SDK Tools to report this pending requirement. In such scenarios, if the detection operation was executed as a prerequisite for the install it is recommended not to proceed with the installation until the reboot is performed. Upon a successful reboot, perform another detection operation to asses the new state of the endpoint.

Upon successful operation completion, the process prints to stdout in the following format:

// the four returned values are separated by a pipe | character


[detect result]|[GravityZone customer id]|[GravityZone group id]|[Endpoint hardware id]      
  

The following table lists the stdout results:

stdout result

Description

detect result

One of the four numerical values described above is supported and printed to stdout.

GravityZone customer id

This is the ID of the GravityZone company managing the endpoint. It will be returned for the detection result value of 1.It can be returned for the detection result value of 2 when that is not reporting a misconfigured product. Refer to the Bitdefender GravityZone API documentation for usage information.

GravityZone group id

This is the ID of the GravityZone custom group an endpoint belongs to. This value reflects only the value of the group used at the time of the installation and only if this value was specified in the installation package.

Endpoint hardware id

This is the hardware ID used by the endpoint to communicate to GravityZone. Run the detection operation again in case the ID changes post-installation.

You can use this ID to search for the endpoint in Control Center. Refer to the Bitdefender GravityZone API documentation for detailed API information.

The following table lists common usage scenarios and their results. For more information on process exit codes, refer to Error codes.

Scenario

OS

Command-line switch

Process exit code

stdout value

The product is not running

Windows

-detect

0

0|||

The product is running

Windows

-detect

183

1|5bfd752a5ff3b80a588b456e|5bfd752b5ff3b8af428b456b|EC2BAC8D-0F7E-6E88-0DBE-EB95FBFE954D-0E759239A6E7

The product is installed but some of the services are not running

Linux

-detect

16

2|5bfd752a5ff3b80a588b456e||EC2BAC8D-0F7E-6E88-0DBE-EB95FBFE954D-0E759239A6E7

The product is misconfigured

macOS

-detect

16

2|||

The detection process failed reading resources

Windows

-detect

30

2|||

The product is running but a reboot is required

Windows

-detect -r

0

3|||