logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: Can the Authorized IP Addresses Field be Left Blank When Setting Up API Key Configuration?

Carbon Black Cloud: Can the Authorized IP Addresses Field be Left Blank When Setting Up API Key Configuration?

Environment

  • Carbon Black Cloud Console: All Versions
  • Carbon Black Workload Appliance: All Versions
  • Microsoft Windows: All Supported Versions

Question

When defining the configuration for QRadar in Carbon Black Cloud console is the Authorized IP Addresses field required to be filled?  

Answer

  • The Authorized IP Address field should only be defined for specific IP addresses accessing the API Key/Connector ID.
  • If IP addresses are added to Authorized IP Addresses field, then logs will only be sent to the defined IP addresses.
  • If the Authorized IP Addresses field is left blank, then any IP address will be able to connect using the API Key/Connector ID. 

Additional Notes

  • You can see what IP address is accessing the API key by searching the Audit log for those API keys.
  • The Authorized IP Addresses field will require Public IP addresses opposed to Private IP addresses.

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎06-30-2023
Views:
200
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.