Versions Compared

Old Version 1

changes.mady.by.user Aparna Rr

Saved on

compared with

New Version 2

changes.mady.by.user Aparna Rr

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel6
outlinefalse
stylenonedisc
typelist
printablefalse

About The Device

VMware Carbon Black Cloud™ is a cloud-native platform delivering best-in-class, next-generation antivirus and endpoint detection and response without compromising system performance. The platform consolidates multiple endpoint security capabilities using one agent and console, helping you operate faster and more effectively.

Device Information

 Entity

Particulars

Vendor Name

VMware (Previously Known as Carbon Black and before that Bit9+Carbon Black)

Product Name

Carbon Black Cloud (Previously Known as Carbon Black Predictive Security Cloud)

Type of Device

Hybrid

Collection Method

Log Type

 Ingestion label

Preferred Logging Protocol

Log Collection Method

Data Source

 CB_EDR

JSON

C2C

Device Configuration

Prerequisites

...

Amazon Simple Queue Service endpoints and quotas - AWS General Reference

Integration parameters

Property

Default Value

Description

REGION

N/A

The region where the S3 bucket resides. For a list of regions, see Amazon S3 regions.

S3 URI

N/A

The S3 URI to ingest.

URI IS A

Directory which includes subdirectories

The type of file indicated by the URI. Valid values are:

  • FILES: The URI points to a single file which will be ingested with each execution of the feed.

  • FOLDERS: The URI points to a directory. All files contained within the directory will be ingested with each execution of the feed.

  • FOLDERS_RECURSIVE: The URI points to a directory. All files and directories contained within the indicated directory will be ingested, including all files and directories within those directories, and so on.

SOURCE DELETION OPTION

Never delete files

Whether to delete source files after they have been transferred to Chronicle. This reduces storage costs. Valid values are:

  • SOURCE_DELETION_NEVER: Never delete files from the source.

  • SOURCE_DELETION_ON_SUCCESS:Delete files and empty directories from the source after successful ingestion.

  • SOURCE_DELETION_ON_SUCCESS_FILES_ONLY:Delete files from the source after successful ingestion.

ACCESS KEY ID

N/A

This is the 20 character ID associated with your Amazon IAM account.

SECRET ACCESS KEY

N/A

This is the 40 character access key associated with your Amazon IAM account.