Getting support for the Carbon Black EDR Splunk Application
Article ID: 285752
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Carbon Black EDR
Issue/Introduction
Getting support for the Carbon Black Splunk Application to address installation and troubleshooting questions.
Environment
- Carbon Black EDR Server: All versions
- Carbon Black EDR Sensor: All versions
- Carbon Black Splunk Application: All versions
Resolution
Getting Support:
- View all API and integration offerings on the Developer Network along with reference documentation, video tutorials, and how-to guides.
- Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community.
- Report bugs and change requests to Carbon Black Support with the following logs from $SPLUNK_HOME/var/log/splunk
da-ess-cbresponse.log: main log file for common Carbon Black EDR helper functions, including the search Custom Commands isolate_modalert.log: log file for the Isolate Endpoint Adaptive Response Action banhash_modalert.log: log file for the Ban Hash Adaptive Response Action killprocess_modalert.log: log file for the Kill Process Adaptive Response Action
Feedback
Yes
No
Powered by
