Announcing the Carbon Black Cloud Splunk App v1.1.10

Posted on August 17, 2023

---

Version 1.1.10 of the VMware Carbon Black Cloud App for Splunk has been released with some new features, improvements and bug fixes.

Version 1.1.10

• New Features

  • New Modular Input for Authentication Events
  • New Alert Action to enrich Alerts with related Observations
    • More detail about observations is available here

• Improvements

  • The Alert Action to used to get Enriched Events has been changed to instead get Observations
    • This is in line with Carbon Black Cloud release of Observations
    • More detail available here
  • On the configuration page, the label Disabled has been changed to Active

• Fixes

  • Fixed logic regression with Live Query Inputs
  • In multiple modular inputs, decimal notation IP address are converted to string notation
  • Improved mapping between Data Forwarder input and Dashboards

Resources

• Installation, configuration and user guides
• Guide on TechZone
• Download from splunkbase

Have questions or feedback?

• Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community
• Report bugs and change requests to Carbon Black Support