Our API Bindings are written in Python 2. We recommend learning the basics of python before continuing. Python is very easy to learn. Here are some resources to help get you started.
Our Quickstart guide is a great place to start for anyone. If you want to get your feet wet with out REST API, definitely check this out first. It will walkthrough the basics of what you need to work with our REST API.
We recommend taking a look at our Cb Response Python API (CbAPI) and the list of example scripts. Likely, there will be an existing script that already matches your use case.
Once you have found a script that can be used for your use case, check out our video on setting up your development environment. This video will guide you through installing all the necessary tools needed for the CbAPI.
Need to generate reports? Our incident reporting script is a good example of how to accomplish this use case, while also being a good example of using the Cb Response REST APIs.
Learn from our Integrations
At Carbon Black we firmly believe in open APIs and code sharing. We try to open source all of our integrations so others can learn and modify our code to fit their specific use case. Here is a list of our open source integrations:
|IBM Qradar||SIEM Integration|
|Splunk Active Response App||SIEM Integration|
Need something more advanced or requires talking to the Cb Response Messaging Bus? The Event Forwarder is used to forward events into a SIEM or custom framework using the Cb Response Messaging Bus, its source code is valuable for learning how to interface with the Cb Response Messaging Bus elegantly and efficiently. If you are doing something that can’t easily be mapped by one of integrations or example scripts, we’d love to hear about it. Feel free to contact us.
|Event Forwarder Connector/API||Forward events|
|Event Duplicator||Duplicate Cb Response events|
|Duo SAML Login Provider Service||2 Factor Auth|
|Cb Response App for Splunk||Splunk App|