Troubleshooting Tip: FortiEDR - What to gather if a system is in a hung state and not responding
| Description | This article describes data to collect when a system is not responding. |
| Scope | FortiEDR |
| Solution | Configure the system for a full memory dump and gather the .dmp file for analysis.
Instructions on how to do so: https://docs.microsoft.com/en-us/windows/client-management/generate-kernel-or-complete-crash-dump
Create a Forticare ticket and submit the memory.dmp file.
The default location of the dump file is %SystemRoot%memory. dmp i.e C:\Windows\memory. dmp if C: is the system drive. |