Carbon Black Cloud: Linux Sensor Generates No Events or Alerts
search cancel

Carbon Black Cloud: Linux Sensor Generates No Events or Alerts

book

Article ID: 291431

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

  • Linux sensor installed successfully
  • The sensor checks in
  • No events or alerts are seen in the Carbon Black Console related to that sensor
  • No policy actions are taken

Environment

  • Carbon Black Sensor: All Supported Versions
  • Linux: All Supported Versions

Cause

  • This most often happens because the sensor was not installed with the correct Company Code
  • In older versions of the sensor Event collection, alert generation, and policy actions were features only supported on sensor versions 2.7.0.187460 and Higher with some Linux Operating Systems

Resolution

  • Confirm the sensor was installed with the correct Company_Code following these steps
  • Confirm the sensor version is 2.7.0.187460 and Higher
  • Confirm the OS is listed under "Enterprise EDR Supported Distributions and Kernel Versions"  or  "Endpoint Standard Supported Distributions and Kernel Versions" here
Powered by Wolken Software