Carbon Black Cloud: Splunk Apps missing information available via API calls
book
Article ID: 287532
calendar_today
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
Information available via the API is not sent over to Splunk CB Defense/CB ThreatHunter Apps/Add-Ons
Environment
Carbon Black Cloud: All Versions Splunk CB Defense or CB ThreatHunter Apps/Add-Ons: All Versions
Cause
This is a known limitation at this time
Resolution
Carbon Black Engineering is currently working on a unified Splunk App for all of the Carbon Black Cloud, which will feature improvements on the information available in the Splunk app.
Additional Information
No current ETA on the new unified Splunk App is available at this time