Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
21 results
Sort by:
11-13-2015
12:03 PM
1 Karma
Hi.
I've just configured Syslog to Splunk on Carbon Black server. Also, the TA has been installed on my Splunk servers.
The Carbon Black events are making it to Splunk as expected, but none o...
11-23-2015
01:15 PM
The documentation for this add-on on apps.splunk.com says there are pre-built dashboards yet apps.conf sets is_visible=false suggesting no dashboards.
Can anyone clarify?
Thanks!
12-06-2019
05:56 AM
...nd###.
Tried setup:
1) UF installed on CBR server, cb-event-forwarder output to file, UF monitor json file and forward to Splunk enterprise. Carbon black TA Add-On installed on Splunk enterprise....
10-14-2018
01:14 AM
6 Karma
Hello,
in splunkbase download page (https://splunkbase.splunk.com/app/3545/) mention support for cim 4.9.
After installing add-on, i dont see any fields extraction\alias for cim compatible.
a...
12-20-2019
06:45 AM
It would appear that at 03:15 UTC or so on 12/20/2019 calls to the integrations/v3 API started returning an error 503 for us. We had heard that they were planning to depreciate the v3 API's, but the...
01-17-2018
03:46 PM
link textI really want to work with Carbon Black response data in Splunk. While the app will let me run direct queries for things that I already know, Splunk could create conditions that allow me t...
11-23-2022
06:54 AM
We need to collect VMWare Carbon Black Cloud events to Splunk (Cloud) We use this app https://splunkbase.splunk.com/app/5332 on heavy forwarder to configure inputs. If we have a d...
Labels
- Labels:
-
add-on
-
app
-
heavy forwarder
-
indexer
-
search head
08-17-2015
09:53 PM
1 Karma
Dear Experts ,
I have installed the Splunk Add-on for Bit9 Carbon Black and I have installed the Carbon Black Event Forwarder utility on the Carbon Black Server. Issue is that agent is not g...
01-26-2018
01:39 PM
Went through this guide (https://splunkbase.splunk.com/app/3545/) , but we are still not getting any data from Carbon Black Defense (cloud). Any recommendations?
05-17-2018
05:03 AM
...Everything is tagged for the Traffic DM.
So we added an alias to map the "domain" field from the netconn event as "query" and tagged the netconn events containing a "domain" value with the c...
