logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Carbon Black Cloud: Significant decrease in alerts and events from Mac sensor after upgrade to MacOS 12.3

Carbon Black Cloud: Significant decrease in alerts and events from Mac sensor after upgrade to MacOS 12.3

Environment

  • Carbon Black Cloud Mac Sensor: v3.6.1.10
  • macOS v12.3

Symptoms

  • Significant (~90%) decrease in events and alerts from Mac endpoint
    • Small subset of network and other behavior events my still occur
  • Sensor appears active

Cause

Changes that Apple has made in MacOS 12.3 with regards to their internal protocols.

Resolution

Mac sensor release 3.6.2.110 resolves this issue.

Additional Notes

  • Sensor 3.6.1.10 will not be available after 4/20/2022. Per CBC Mac Sensor Announcement for macOS 12.3, VMware Carbon Black strongly recommends not upgrading to  MacOS 12.3 until sensor version 3.6.2.110 is installed. 
  • Carbon Black is planning additional sensor enhancements to better handle these types of macOS changes in the future

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
CB_Support
Creation Date:
‎03-15-2022
Views:
910
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.