
Carbon Black Cloud: How To Configure The Syslog Connector (Linux)


Environment

  • Carbon Black Cloud: All Supported Versions
  • RHEL/CentOS: All Supported Versions

Objective

How to set up the new CBC-Syslog connector.

Resolution


Additional Notes

  • The example sample is at the bottom of cbc-syslog
  • The code samples are just examples of what could be used 
  • If not all Python modules are installed, a message similar to "ImportError: No module named requests" may occur
  • This document assumes that pip and Python are installed.
  • To move audit logs to a SIEM, configure both an API and a SIEM connector in the Carbon Black Cloud console and include the values in the .conf
  • The setup may fail with an ImportError if a newer version of markupsafe is installed, so it may be necessary to install version 2.0.1 specifically
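
The two dependency problems in the notes above can be checked before running the setup. The script below is an added example, not part of the original article or of the connector itself; it assumes Python 3.8 or later, and its module list contains only the two names this page mentions, not the connector's full requirements.

```python
"""Preflight check for the two dependency problems listed in the notes above."""
import importlib.util
import re
from importlib import metadata

# Only the modules named on this page (assumption: not the full requirements
# set); extend the tuple with whatever else the connector needs.
MODULES_FROM_NOTES = ("requests", "markupsafe")
MARKUPSAFE_KNOWN_GOOD = (2, 0, 1)  # the version the notes say to install


def parse_version(text):
    """Turn '2.0.1' or '2.1.0rc1' into a comparable tuple of leading integers."""
    parts = []
    for piece in text.split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    return tuple(parts)


def markupsafe_too_new(installed):
    """True when the installed version is newer than the known-good 2.0.1."""
    version = parse_version(installed)
    version += (0,) * (3 - len(version))  # pad '2' or '2.0' to three fields
    return version > MARKUPSAFE_KNOWN_GOOD


def preflight(modules=MODULES_FROM_NOTES):
    """Return a list of findings; an empty list means nothing was found."""
    findings = []
    for name in modules:
        if importlib.util.find_spec(name) is None:
            findings.append(f"missing module: {name} (pip install {name})")
    try:
        installed = metadata.version("markupsafe")
    except metadata.PackageNotFoundError:
        installed = None  # already reported above as a missing module
    if installed and markupsafe_too_new(installed):
        findings.append(
            f"markupsafe {installed} is newer than 2.0.1 "
            "(pip install markupsafe==2.0.1)"
        )
    return findings


if __name__ == "__main__":
    for line in preflight() or ["no dependency problems found"]:
        print(line)
```

Run it with the same interpreter and virtual environment that will run the connector, since the check only sees packages visible to the Python that executes it.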

Article Information
Creation Date: 09-04-2020