Posted on July 5, 2022
Version 1.1.5 of the VMware Carbon Black Cloud App for Splunk has been released and addresses some issues.
Earlier in 2022 in Version 1.1.4 of the app, the ability to ingest Watchlist Hits via the Data Forwarder was added.
The following bugs have been fixed in 1.1.5:
A new source type to ingest Watchlist Hits via the Data Forwarder, vmware:cbc:s3:watchlist:hits was added. Ingest this data to extend visibility to the latest threats impacting your organization.