There are a couple of ways to uninstall and/or delete sensors in bulk, including:

Using Built-In Automation

Make use of the global "Manage Sensor Settings" or per policy automatic cleanup.

• • Delete sensors that have been deresgietered for X
  • Deregister VDI sensors that have been inactive for X

Manually via the console

If automation is not preferred, use the "assets matching search" function as opposed to `"selected assets". The "all matching search" function is optimized to do devices in-bulk, beyond the 200 maximum items per page.

Scripted Uninstall using Python

1. Create an API Key in the Carbon Black Cloud Console
   1. Go to Settings > API Access > Switch to Access Levels tab
   2. Click on 'Add Access Level'
      1. Give the name and description.
      2. Select Device – Uninstall row and select the only available option under Execute column
      3. Save 
   3. Once Access Level is added, switch to API Key tab.
   4. Click on Add API Key.
      1. Give the name and description
      2. Select the newly created Access level under Customer Access Level Dropdown list.
      3. Save
   5. After saving, document the pair of API ID and API Key. Save the values for future use.
2. Script Execution
   1. Export a .csv of the devices list from the Carbon Black Console filtered for those endpoints intended to be marked as "deregistered"
   2. Keep both the 'uninstall_sensors.py', which is attached to this KB, and the exported .csv file containing the list of the devices to be removed in same folder.
   3. Run the below command from a machine with Python installed after updating the values for the Carbon Black Cloud ORG:

      python uninstall_sensors.py --org-key <ORGKEY> --file-name <Device List.csv> --api-id <API_ID> --api-secret <API SECRET>

       

   4. The script will execute in a batch of 1000 records. The logs will be saved in the same directory.