/
edr.carbonblack
edr.carbonblack
- Juan Tomás Alonso Nieto (Deactivated)
Jul 06, 2022
1 min read
Analytics
Loading data...
[ 1 Introduction ] [ 2 Tag structure ] [ 3 How is the data sent to Devo? ]
Introduction
The tags beginning with edr.carbonblack identify events generated by VMware Carbon Black.
Tag structure
The full tag must have 3 levels. The first two are fixed as edr.carbonblack. The third level identifies the type of events sent.
Technology | Brand | Type |
|---|---|---|
edr | carbonblack |
|
Therefore, the valid tags and tables include:
edr.carbonblack.alert
edr.carbonblack.binary
edr.carbonblack.feed
edr.carbonblack.ingress
edr.carbonblack.watchlist
How is the data sent to Devo?
You can forward logs generated by VMware Carbon Black using any Syslog drain (for example, Syslog-ng) or through Devo Relay.
, multiple selections available,
Related content
edr.carbonblack
edr.carbonblack
More like this
edr.carbonblack
edr.carbonblack
More like this
cef1.carbonblack
cef1.carbonblack
More like this
endpoint.carbonblack
endpoint.carbonblack
More like this
cef1.carbonBlack.protection
cef1.carbonBlack.protection
More like this
cef0.vmwareCarbonBlack
cef0.vmwareCarbonBlack
More like this