Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Find Answers
Ask questions. Get answers. Find technical product solutions from passionate members of the Splunk community.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
21 results
Sort by:
11-13-2015
12:03 PM
1 Karma
Hi.
I've just configured Syslog to Splunk on Carbon Black server. Also, the TA has been installed on my Splunk servers.
The Carbon Black events are making it to Splunk as expected, but none o...
11-23-2015
01:15 PM
The documentation for this add-on on apps.splunk.com says there are pre-built dashboards yet apps.conf sets is_visible=false suggesting no dashboards.
Can anyone clarify?
Thanks!
12-06-2019
05:56 AM
...nd###.
Tried setup:
1) UF installed on CBR server, cb-event-forwarder output to file, UF monitor json file and forward to Splunk enterprise. Carbon black TA Add-On installed on Splunk enterprise....
10-14-2018
01:14 AM
6 Karma
Hello,
in splunkbase download page (https://splunkbase.splunk.com/app/3545/) mention support for cim 4.9.
After installing add-on, i dont see any fields extraction\alias for cim compatible.
a...
12-20-2019
06:45 AM
It would appear that at 03:15 UTC or so on 12/20/2019 calls to the integrations/v3 API started returning an error 503 for us. We had heard that they were planning to depreciate the v3 API's, but t...
01-17-2018
03:46 PM
...nstructions from RedCanary (https://www.redcanary.com/blog/carbon-black-response-splunk-integration/), we tried grabbing process starts and network connections.
6 minutes of data was 1GB --thats on track for...
cb-event-forwarderconf.txt (19 KB)
08-17-2015
09:53 PM
1 Karma
Dear Experts ,
I have installed the Splunk Add-on for Bit9 Carbon Black and I have installed the Carbon Black Event Forwarder utility on the Carbon Black Server. Issue is that agent is not g...
11-23-2022
06:54 AM
We need to collect VMWare Carbon Black Cloud events to Splunk (Cloud) We use this app https://splunkbase.splunk.com/app/5332 on heavy forwarder to configure inputs. If we have a d...
Labels
- Labels:
-
add-on
-
app
-
heavy forwarder
-
indexer
-
search head
01-26-2018
01:39 PM
Went through this guide (https://splunkbase.splunk.com/app/3545/) , but we are still not getting any data from Carbon Black Defense (cloud). Any recommendations?
03-15-2017
01:20 PM
Does the Splunk Add-on for Bit9 Carbon Black format the CB JSON md5 field to either Malware.file_hash or Email.file_hash? hPer the Carbon Black (CB) API reference and JSON response example, the CB J...
