Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black HowTo - Carbon Black Syslog Integration

Carbon Black HowTo - Carbon Black Syslog Integration

This document explains the Carbon Black and Syslog integration procedures.

Labels (1)
Attachments
Comments

We have had our Response server sending data to our Arcsite server for years. Recently the other team indicates the feed has stopped.

I checked and there doesn't seem to be any errors and the /var/log/cb/notifications directory is populated with up to date files with no errors.

What commands or logs can I look in to see if the data is actually being sent or attempting to be sent from my master server.

Article Information
Author:
Creation Date:
‎03-12-2015
Views:
2119
Contributors