Environment

• PSC Web Console: All versions
• PSC Sensor: All Supported Versions
• Microsoft Windows: All Supported Versions
• Apple MacOS: All Supported Versions

Objective

• You want to collect events for a specific endpoint for Auditing or Incident Response Reasons

Resolution

• At this time, you will need to use our APIs to get the event information you would like from the endpoint

Additional Notes

• You can collect events from a specific endpoint using our API or our CbAPI Python Module
• Please refer to the links in the "Related Content" section below on how to get started, as well as examples.
• An idea has been submitted to provide event export functionality in the PSC. The link for this idea is in "Related Content".

Related Content

• Cb Defense API examples from Github
• Cb Developer Relations Website
• Getting Started with Cbapi module
• Idea Central: Export Events from the Investigate Page