App Control: What is the difference between messages from "External Event Logging" and "External Analytics"?
Article ID: 288161
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
How does the content of messages differ between these two event collectors?
Environment
- App Control Server: All versions
- App Control Agents: All versions
Resolution
External Event Logging" collects various types of events of Syslog.
It is limited to App Control events, and not related to Splunk (unless you're using Splunk as your syslog aggregator)
"External Analytics" not only includes events, but also file catalog, and file operations,
based on the configuration setup choices.
It is limited to App Control events, and not related to Splunk (unless you're using Splunk as your syslog aggregator)
"External Analytics" not only includes events, but also file catalog, and file operations,
based on the configuration setup choices.
Feedback
Yes
No
Powered by
