Help & Troubleshooting

Windows SmartScreen shows a warning because the installer is new and unsigned. This is expected during our early rollout. To proceed: Click "More info" on the SmartScreen dialog, then "Run anyway." If Windows Defender blocks it: Open Windows Security → Virus & Threat Protection → Protection History → Allow the file. For IT admins deploying via GPO: Add an exclusion for the Sentinel install path (C:\Program Files\CognoShift) in your Defender policy before deployment.

Sentinel sends its first heartbeat within 5–10 minutes of installation. The portal refreshes every 10 seconds automatically. If the score remains 0 after 30 minutes: 1. On the endpoint, open Task Manager → Services tab → verify "CognoShiftSentinel" is running. 2. Check the portal's Endpoints tab — does the machine appear there? 3. If not, the machine may not have network access to reach our servers. Confirm outbound HTTPS (port 443) is allowed. Note: Some directives (Dir 11, 13, 14, 17, 18, 19) require manual self-attestation via the portal — Sentinel cannot auto-detect these.

Visit cognoshift.in/recover and enter the email address you used during registration. Your license key will be emailed to you within 1 minute. If you no longer have access to that email, contact support@cognoshift.in with your organisation name and the Razorpay payment ID from your bank statement.

Log retention requires an S3-compatible storage bucket. You have two options: Option A — E2E Networks Object Storage (recommended for India data residency): 1. Register at e2enetworks.com → Create an Object Storage bucket 2. Generate Access Key + Secret Key in the E2E console 3. In the CognoShift portal → CERT-In tab → Dir 3 → "Configure Log Retention" 4. Enter your E2E bucket name, access key, secret key, and region Option B — AWS S3 / Any S3-compatible storage: Same process, just use your AWS/other provider credentials. After setup, Sentinel will begin shipping Windows Event Logs every 15 minutes. Dir 3 will show PARTIAL until the first batch uploads, then COMPLIANT.

Use Chrome for the best printing experience. The certificate page has optimised print CSS. Steps: 1. Open the certificate at cognoshift.in/training/certificate/[your-cert-number] 2. Click "Download / Print PDF" 3. In the print dialog, select "Save as PDF" as the destination 4. Disable headers and footers for a clean output On mobile: Use the "Share" button and select "Print" — this works on iOS Safari and Chrome for Android.

Use the PowerShell script for mass deployment: 1. In the portal → Settings → Deploy tab → Download "deploy_cognoshift.ps1" 2. Copy the script to a network share accessible by all machines 3. Create a GPO (Group Policy Object) in Active Directory: - Computer Configuration → Windows Settings → Scripts → Startup - Add the PS1 script path - Restart machines one batch at a time The script is idempotent — running it on an already-installed machine does nothing. USB method (no IT infrastructure needed): Copy deploy_cognoshift.bat to a USB drive, plug into each machine, right-click → Run as Administrator. Takes ~2 min per machine.

Directive 20 requires your organisation to conduct security awareness training for staff. It is marked COMPLIANT automatically when the first staff member completes our training programme. The training is at cognoshift.in/training — free to learn, ₹499 + GST per certificate (valid 1 year). For organisations: buy seats in bulk at the bottom of the training page. Each staff member gets a unique link — they complete the course, pass the quiz, and receive their certificate without any additional payment. Annual recertification is required — certificates expire after 1 year.

Yes. Your license key covers all endpoints (machines) up to your plan's node limit — regardless of physical location. Sentinel on machines in different branches will all report to the same compliance dashboard. If you have more machines than your plan allows, the Endpoints tab shows a "Node limit reached" warning and new installs will be blocked. Upgrade your plan from cognoshift.in/register.

Compliance telemetry (Sentinel heartbeats) is stored in Supabase's India region (Mumbai). No raw personal data is ever stored — IP addresses are HMAC-hashed before transmission. For log retention (CERT-In Dir 3), you control the storage: use E2E Networks (India) for full data residency compliance. CognoShift is DPDP Act 2023 compliant. Our privacy policy is at cognoshift.in/privacy.

On the affected machine: 1. Open Command Prompt as Administrator 2. Run: sc start CognoShiftSentinel 3. If that fails: Run the deploy_cognoshift.bat again — it will reinstall cleanly To check logs: Open Event Viewer → Windows Logs → Application → filter by Source "CognoShift" Sentinel is installed as an NSSM-managed Windows service. NSSM will automatically restart it if it crashes. If it keeps stopping, email support@cognoshift.in with the Event Viewer logs.