logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: EDR Alert Action events show up in VMware Carbon Black Cloud App for Splunk

Carbon Black Cloud: EDR Alert Action events show up in VMware Carbon Black Cloud App for Splunk

Environment

  • Carbon Black Cloud console
    • Endpoint Standard
    • Enterprise EDR
  • Carbon Black EDR server (On-Prem): 7.2 and above
  • VMware Carbon Black Cloud App for Splunk: 1.x
  • VMware Carbon Black EDR On-Prem for Splunk: 3.0.1
  • Splunk: 8.x

Symptoms

Events generated by the EDR (On-Prem) product appear in the Carbon Black Cloud Splunk app

Cause

Inter-operability issue between Carbon Black Cloud and EDR (On-Prem) Splunk apps

Resolution

This issue will be fixed in a future release of the VMware Carbon Black Cloud App for Splunk

Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
CB_Support
Creation Date:
‎07-14-2021
Views:
321
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.