This app supports various investigative and containment actions on Carbon Black App Control (formerly Bit9)
Built by
Latest Version 3.1.3
August 1, 2025
Compatibility
This is compatibility for the latest version
Not Available
Platform Version: 7.0, 6.4, 6.3, 6.2, 6.1
Rating
0
(0)
Log in to rate this app
Support
Splunk Supported connector
Ranking
#9
in Endpoint
This app supports various investigative and containment actions on Carbon Black App Control (formerly Bit9)
Supported Actions
test connectivity: Validate the API Token by attempting to connect to the Device URL. This action runs a quick query on the device to check the connection and token
hunt file: Searches for a particular file across all the endpoints
upload file: Upload a file to a computer
list files: List the files available on the controller
get file: Get the file from the controller and add it to the vault
analyze file: Analyze a file on a computer
unblock hash: Unblocks a particular hash
block hash: Ban the file hash
get system info: Get information about an endpoint
get file instances: Searches for file instances
update file instance: Change local file instance state