Announcing the Carbon Black Cloud Splunk App v1.1.10
Posted on August 17, 2023
Version 1.1.10 of the VMware Carbon Black Cloud App for Splunk has been released with some new features, improvements and bug fixes.
- New Modular Input for Authentication Events
- New Alert Action to enrich Alerts with related Observations
- More detail about observations is available here
- The Alert Action to used to get Enriched Events has been changed to instead get Observations
- This is in line with Carbon Black Cloud release of Observations
- More detail available here
- On the configuration page, the label
Disabled has been changed to
- Fixed logic regression with Live Query Inputs
- In multiple modular inputs, decimal notation IP address are converted to string notation
- Improved mapping between Data Forwarder input and Dashboards
Have questions or feedback?