Carbon Black Cloud: EDR Alert Action events show up in VMware Carbon Black Cloud App for Splunk

search cancel

Carbon Black Cloud: EDR Alert Action events show up in VMware Carbon Black Cloud App for Splunk

book

Article ID: 289530

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter) Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Events generated by the EDR (On-Prem) product appear in the Carbon Black Cloud Splunk app

Environment

Carbon Black Cloud console
- Endpoint Standard
- Enterprise EDR
Carbon Black EDR server (On-Prem): 7.2 and above
VMware Carbon Black Cloud App for Splunk: 1.x
VMware Carbon Black EDR On-Prem for Splunk: 3.0.1
Splunk: 8.x

Cause

Inter-operability issue between Carbon Black Cloud and EDR (On-Prem) Splunk apps

Resolution

This issue will be fixed in a future release of the VMware Carbon Black Cloud App for Splunk

Feedback

thumb_up Yes

thumb_down No