Announcing the Carbon Black Cloud Splunk App v1.1.5

Posted on July 5, 2022

---

Version 1.1.5 of the VMware Carbon Black Cloud App for Splunk has been released and addresses some issues.

Earlier in 2022 in Version 1.1.4 of the app, the ability to ingest Watchlist Hits via the Data Forwarder was added.

Version 1.1.5

The following bugs have been fixed in 1.1.5:

• Updated client handler to process more than 2500 remediation results without a failure in code.
• Updated client handler to capture 410 errors on live query result histories, and save the checkpoint.
• Backoff timing when making API calls for the ProcessGUID action for calls that take a longer period to complete.

Version 1.1.4

A new source type to ingest Watchlist Hits via the Data Forwarder, vmware:cbc:s3:watchlist:hits was added. Ingest this data to extend visibility to the latest threats impacting your organization.

Resources

• Installation, configuration and user guides
• Guide on TechZone
• Download from splunkbase

Have questions or feedback?

• Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community
• Report bugs and change requests to Carbon Black Support