Knowledge Base

Yes

Environment

Carbon Black Cloud Console: All Versions
- Endpoint Standard
- Enterprise EDR
- Audit & Remediation
- Workload
Carbon Black Cloud Sensor: 3.5.3.x and Higher
Apple macOS: All Supported Versions

Objective

Provide steps for correcting issues for macOS Sensors with downloading of content manifest data from content.carbonblack.io after receiving a related Alert

Resolution

Check access to content.carbonblack.io from endpoint
Verify that any configured proxy or firewall allows outbound (endpoint to cloud) communication
URL Port Direction SSL Inspection
content.carbonblack.io TCP/443 Outbound Disabled
Check status of Manifest downloads and ContentDownloadFailure alarms

If ManifestDownloadFailure alarms continue in SensorAlarms.log, please open a case with Carbon Black Technical Support and provide

Hostname
Verification of access from step 1
Configuration information of firewall/proxy exclusion from step 2 (along with date/time implemented)
Firewall/proxy logs with any errors in communicating with content.carbonblack.io
Output of step 3 above

Additional Notes

There is no need to perform these steps unless directed to do so by a CB Analytics Alert in the Carbon Black Cloud Console or by a member of VMware Carbon Black Technical Support.

Knowledge Base

Carbon Black Cloud: How to remediate ManifestDownloadFailure alarms (macOS)

Carbon Black Cloud: How to remediate ManifestDownloadFailure alarms (macOS)

Environment

Objective

Resolution

Additional Notes

Related Content

Audit and Remediation

Carbon Black Cloud

Container

Endpoint Standard

Enterprise EDR

Managed Detection

Managed Detection and Response

Prevention

Workload

Knowledge Base

Carbon Black Cloud: How to remediate ManifestDownloadFailure alarms (macOS)

Carbon Black Cloud: How to remediate ManifestDownloadFailure alarms (macOS)

Environment

Objective

Resolution

Additional Notes

Related Content

Thank you for your feedback.

Thank you for your feedback.