If the need arises to send log files to Threat Stack please find the log files at the following location:
Please .tar the files excluding any tsaudit* logs. Also consider using GZip.
A sample tar command
tar -cvzf XXCompanyNameXX.tar.gz /opt/threatstack/cloudsight/logs/
If you have concerns for the security of your logs please feel free to speak to your account resource about sending to their PGP credentials. Threat Stack publishes our keys at the public server: hkps://hkps.pool.sks-keyservers.net.
Threat Stack has developed a set of scripts which can be run against the host. Running diagnostics.sh will run the child scripts. The output of those scripts will be tar'ed up with the logs as a package which can be sent to us for further review.