Back to Blogs
Announcing the Carbon Black Cloud Audit Logs API Release!
Announcing the Carbon Black Cloud Audit Logs API Release!
Posted on March 12, 2024
Overview
The Audit Log service can be used to monitor your Carbon Black Cloud organization for actions performed by Carbon Black Cloud console users and API keys. Audit logs are recorded for most CREATE, UPDATE and DELETE actions as well as a few READ actions. Audit logs will include a description of the action and indicate the actor who performed the action along with their IP to help determine if the User/API key are from an expected source.
New API endpoints added for Search and Export to improve integration capabilities.
Use Cases
- Use Audit Logs to review actions performed by Carbon Black Cloud console users and API keys.
- Search or export Carbon Black Cloud audit logs to your SIEM, Data Lake, or other security integration.
Requirements
- Any Carbon Black Cloud product
Resources
- Audit Logs API documentation
- CBC Postman Collection
- Carbon Black Cloud Python SDK Extension - Coming Soon
- User Guide
Have questions or feedback?
- Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community
- Report bugs and change requests to Carbon Black Support
- Subscribe to the Developer Network Newsletter