• EDR Server: All Supported Versions

1. Change the Sensor Group URL
   1. Open the WebUI, then navigate to Administration > Sensors and select Edit Settings
   2. Change the Server Address to the new Address while keeping the same port number
   3. Repeat Step b for each sensor group if they exist
   4. Allow at least 10 minutes for online sensors to pick up the URL change
2. Update Server from the Command Line
   1. Begin after all online sensors have checked in
   2. Stop the Response services:

service cb-enterprise stop

3. Change the server address using normal OS commands for configuring the network interface
4. Start the Postgres service to update records to point to the new CB Response Server Address:
   1. In 7.4.0 and later product versions:

/usr/share/cb/cbservice cb-pgsql start

service cb-pgsql start

2.      In 7.5.0 and later product versions:

psql -d cb -p 5002 -c "UPDATE cluster_node_sensor_addresses SET address='<NEW ADDRESS>' WHERE id=0;"

psql -d cb -p 5002 -c "UPDATE cluster_node_sensor_addresses SET address='<NEW ADDRESS>' WHERE node_id=0;"

3. In 7.4.0 and later product versions:

/usr/share/cb/cbservice cb-pgsql stop

service cb-pgsql stop

4. Update the iptables/firewalld settings to the correct IPs. Run the following command to update if using the CB managed firewall

   /usr/share/cb/cbcheck firewall -a

5. By default cluster.conf is set to localhost and should not need adjusting, however please confirm and update accordingly.  /etc/cb/cluster.conf
6. Start Response services

service cb-enterprise start

3. Check /etc/cb/cluster.conf to confirm the host= matches the new IP if it's not listed as localhost
4. Update Remaining Sensors. Any clients that did not check-in before the server address is changed will need to modify the SensorBackendServer setting.
5. For Windows this is located at HKLM\SOFTWARE\CarbonBlack\config\SensorBackendServer
6. For MacOs and Linux, this value is stored in /var/lib/cb/sensorsettings.ini

• A 10 minute to 1 day delay after changing this setting in step one is recommended. All endpoints need to check in first to pull down the new server Address. Any offline endpoints that don't check in will either need to have sensor reinstalled or registry edited to point to the new server. 
• Warning: Verify the chosen settings sensor checkin url and port. A sensor will check in with the old information that the server is currently on and update that information locally (in the registry for windows). The next time the sensor tries to check in, it will be to the new server url and port. No other attempts will be made to connect to the old address. This means that if you update this information incorrectly, this will need to be updated by changing the server to that address, or performing Step 3 for all sensors. Changing the group setting in the UI back will only work for sensors had not checked in yet, all others will not get that setting reverted back automatically.