Environment
- CB Response Cloud: All versions
- CB Response Sensors: All versions
- Securonix SIEM: All versions
Objective
How to request setting up Event Forwarder to a Securonix SIEM site with CB Response Cloud.
Resolution
- Contact VMware Carbon Black Customer Support and open a Support request
- Provide the following information:
- Target Securonix hostname or IP address: name.here.securoinix.net
- TCP Ports available: 6514, 6515, 10514 (ports may vary)
- Certificates if applicable
Additional Notes
- Probably no certificate information is required since TLS RIN is configured on SSL, but if they are in use, please attach to the Support case.