Announcing the Carbon Black Cloud Splunk App v1.1.5
Posted on July 5, 2022
Version 1.1.5 of the VMware Carbon Black Cloud App for Splunk has been released and addresses some issues.
Earlier in 2022 in Version 1.1.4 of the app, the ability to ingest Watchlist Hits via the Data Forwarder was added.
The following bugs have been fixed in 1.1.5:
- Updated client handler to process more than 2500 remediation results without a failure in code.
- Updated client handler to capture 410 errors on live query result histories, and save the checkpoint.
- Backoff timing when making API calls for the ProcessGUID action for calls that take a longer period to complete.
A new source type to ingest Watchlist Hits
via the Data Forwarder, vmware:cbc:s3:watchlist:hits
was added. Ingest this data to extend visibility to the latest threats impacting your organization.
Have questions or feedback?