Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
VMware Carbon Black Cloud for Splunk SOAR app icon

VMware Carbon Black Cloud for Splunk SOAR

Carbon Black Cloud App for Splunk SOAR

Built by SOAR Community
soar product badge
Latest Version 2.0.0
February 14, 2024
Compatibility
Not Available
Platform Version: 6.4, 6.3, 6.2, 6.1
Rating

0

(0)

Log in to rate this app
Support
VMware Carbon Black Cloud for Splunk SOAR support icon
Developer Supported connector
Learn more
Carbon Black Cloud App for Splunk SOAR

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity with the supplied configuration
  • on poll: Callback action for the on_poll ingest functionality
  • normalize artifact: Normalize artifact ingested by Splunk App for Splunk Phantom
  • dismiss alert: Dismiss Carbon Black Cloud alert
  • dismiss future alerts: Dismiss Carbon Black Cloud all future alerts
  • get enriched event: Get Enriched Event
  • get observations: Get Observations
  • get file: Get File
  • delete file: Delete File
  • get binary file: Get Binary File
  • kill process: Kill process on Carbon Black Cloud endpoint
  • get binary metadata: Get binary metadata from Carbon Black Cloud
  • get process metadata: Get Process Metadata
  • quarantine device: Quarantine device in Carbon Black Cloud
  • unquarantine device: Unquarantine device in Carbon Black Cloud
  • ban hash: Ban process by hash in Carbon Black Cloud
  • unban hash: Unban process by hash in Carbon Black Cloud
  • list policies: List device policies in Carbon Black Cloud
  • set device policy: Set device policy of a Carbon Black Cloud endpoint
  • add ioc: Add IOC to feed/watchlist in Carbon Black Cloud
  • remove watchlist ioc: Remove IOC from watchlist in Carbon Black Cloud
  • remove feed ioc: Remove IOC from feed in Carbon Black Cloud
  • list processes: List processes on a device in Carbon Black Cloud
  • execute command: Execute command on a device in Carbon Black Cloud
  • create report: Create a report in Carbon Black Cloud
  • delete report: Delete a report in Carbon Black Cloud feed or watchlist
  • create feed: Create a feed in Carbon Black Cloud
  • create watchlist: Create a watchlist in Carbon Black Cloud
  • delete feed: Delete a feed in Carbon Black Cloud
  • delete watchlist: Delete a watchlist in Carbon Black Cloud
  • retrieve watchlist: Retrieve a watchlist in Carbon Black Cloud
  • retrieve feed: Retrieve a feed in Carbon Black Cloud
  • retrieve iocs: Retrieve IOCs for a given report in Carbon Black Cloud
  • update feed: Update a feed in Carbon Black Cloud
  • update watchlist: Update a watchlist in Carbon Black Cloud
  • get scheduled task: Get Scheduled Task Created in Carbon Black Cloud
  • get cron jobs: Get Cron Jobs in Carbon Black Cloud
  • get asset info: Get Asset Info
  • get cleared eventlogs: Get Cleared Event Logs
  • list persistence locations: List Windows Persistence Locations
  • get rdp info: Get RDP Connection Information
  • list logged users: List Logged In Users

Categories

Created By

SOAR Community

Source Code

Type

connector

Downloads

382

Licensing

Splunk Answers

Resources

Login to report this app listing