CB Response Cloud: Can events be exported via syslog over UDP?
search cancel

CB Response Cloud: Can events be exported via syslog over UDP?

book

Article ID: 287385

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Some vendors suggest using UDP ports on local installations.  In these cases, can a Carbon Black Response Cloud instance allow events to be forwarded over the Internet using UDP?

Environment

  • CB Response Cloud: All Supported Versions
  • CB Event Forwarder: All Supported Versions

Resolution

No, due to the UDP events being unencrypted. 

Additional Information

  • The Carbon Black Cloud Operations team has taken a firm stance on only allowing events to be exported using TCP + TLS, for the data security of the client as well as Carbon Black. 
  • See links in 'Related Content' below for supported and unsupported integrations.  If your integration is not listed, please open a case with Carbon Black Support.
Powered by Wolken Software