Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: What Splunk Apps/Add-Ons are needed?

Carbon Black Cloud: What Splunk Apps/Add-Ons are needed?

Environment

  • Carbon Black Cloud: All Versions
  • Splunk Enterprise: 8.x

Question

What Splunk Apps and Add-Ons are needed?

Answer

  • Splunk 7.X 
  • No longer supported by Splunk. Please use our apps for Splunk version 8 
  • Single Instance (8.X) 
  • (Pre-requisite) Splunk CIM Add-on 
  • Single Instance + Heavy Forwarder (8.X) 
  • Single Instance:  
  • Distributed deployment (8.x) 
  • Splunk Cloud  
  • Contact Splunk Cloud Support to assist with installation

Additional Notes

  • This application connects with any Carbon Black Cloud offering and replaces the existing product-specific Carbon Black apps for Splunk.
  • Warning: Do not install the App/TA/IA on the same node.

Related Content


Was this article helpful? Yes No
67% helpful (2/3)
Article Information
Author:
Creation Date:
‎09-01-2020
Views:
8915
Contributors