Carbon Black Cloud: Are Detections, Terminates, and Denies Reported to the Windows Event Logs?

Article ID: 292381

Products

  • Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
  • Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Are detections, terminate and deny actions, and malware detections reported by the sensor to the Windows event logs?

Environment

  • Microsoft Windows: All Supported Versions
  • Carbon Black Cloud Sensor: All Versions

Resolution

  • Deny and terminate actions always create an event in the Windows event logs.
  • Malware detections create an event as long as the reputation is KNOWN_MALWARE, SUSPECT_MALWARE, or PUP.