Carbon Black Cloud: Can Watchlist Hits be Sent to a SIEM?

Carbon Black Cloud: Can Watchlist Hits be Sent to a SIEM?

search cancel

Carbon Black Cloud: Can Watchlist Hits be Sent to a SIEM?

book

Article ID: 288666

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Do Notifications send Watchlist hits to a SIEM without Watchlists configured with alerts?

Environment

Carbon Black Cloud Console: All Versions

Resolution

Watchlist hits cannot be sent directly to a SIEM from the console notifications
Watchlist hits can be configured to create alerts which can be sent via notifications
The Event Forwarder can be used to sent watchlist hits

Feedback

thumb_up Yes

thumb_down No