As of January 2020, CB ThreatHunter is now called Enterprise EDR. All documentation will be updated in the coming months to reflect our new product names.
Integrations developed by Carbon Black all have similar installation instructions, unless otherwise specified.
Integrations may require an API URL, which is accessible through a special hostname assigned to your organization. To find your organization’s API hostname, please refer to this KB article.
Carbon Black partners with industry leaders to create integrated solutions that help you achieve end-to-end protection across security systems. The Carbon Black Integration Network highlights our Partners and the solutions they have built using our Open APIs.
Members of the Carbon Black partner program can submit their products to Carbon Black for certification and promotion on our Integration Network. Learn more about the Carbon Black Partner Program here.
These connectors allow users to send notifications or alerts into a SIEM such as Splunk or QRadar.
The syslog connector lets administrators forward alert notifications and audit logs from their Carbon Black Cloud instance to local, on-premise systems, and:
The receiving system must accept industry-standard syslog notifications.
The installation package and instructions can be found at https://pypi.org/project/cbc-syslog/.