Carbon Black Cloud Syslog Connector

The Syslog Connector lets administrators forward alert notifications and audit logs from their Carbon Black Cloud instance to local, on-premise systems, and:

  • Generates pipe-delimited syslog messages with alert metadata identified by the streaming prevention system
  • Aggregates data from one or more Carbon Black Cloud organizations into a single syslog stream
  • Can be configured to use UDP, TCP, or encrypted (TCP over TLS) syslog protocols


  • Endpoint Standard or Enterprise EDR


  • You can install the Syslog Connector using either PyPI or GitHub.

How to Automate

The syslog connector can be automated on all Platforms. Please select your desired Operating System for more information.

Last modified on February 24, 2021