Seeing Alerts But Not All Associated Events in Azure Blob / AWS S3 Bucket
search cancel

Seeing Alerts But Not All Associated Events in Azure Blob / AWS S3 Bucket

book

Article ID: 396928

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

  • Data Forwarder is configured
  • Only seeing alerts in the Azure Blob or AWS S3 Bucket
  • Wanting to see all events associated with the alert

Environment

  • Carbon Black Cloud
  • AWS S3 Bucket
  • Azure Bob Storage

Cause

Alert Data Forwarder is configured, but not a Endpoint Event Data Forwarder

Resolution

Alerts and events both require their own data forwarder. To get all endpoint activity, Add a Data Forwarder for the Endpoint Event Data.

Additional Information

Powered by Wolken Software