Environment
- Carbon Black Cloud Console: All Versions
- Endpoint Standard
- Enterprise EDR
- Audit & Remediation
- Workload
- Carbon Black Cloud Sensor: 2.12.x.x and Higher
- Linux: All Supported Versions
Objective
Provide steps for correcting issues for Linux Sensors with downloading of content manifest data from
content.carbonblack.io after receiving a
related Alert
Resolution
- Check access to content.carbonblack.io from endpoint
- Verify that any configured proxy or firewall allows outbound (endpoint to cloud) communication
URL | Port | Direction | SSL Inspection |
---|
content.carbonblack.io | TCP/443 | Outbound | Disabled |
- Check status of Manifest downloads and ContentDownloadFailure alarms
- If the ContentDownloadFailure alarms continue in log.txt, please open a case with Carbon Black Technical Support and provide
Hostname
Verification of access from step 1
Configuration information of firewall/proxy exclusion from step 2 (along with date/time implemented)
Firewall/proxy logs with any errors in communicating with content.carbonblack.io
Output of step 3 above
Additional Notes
There is no need to perform these steps unless directed to do so by a CB Analytics Alert in the Carbon Black Cloud Console or by a member of VMware Carbon Black Technical Support.
Related Content