The Carbon Black Cloud App for Splunk SOAR allows administrators and security analysts to leverage the industry leading cloud-based, next generation anti-virus solution to prevent malware and non-malware attacks.
The Carbon Black Cloud App for Splunk SOAR gives access to alerts through the REST API and provides a set of actions that allow you to orchestrate and automate complex tasks within the enterprise environment.
The Carbon Black Cloud App for Splunk SOAR contains 42 SOAR actions.
Requirements
- Access to Carbon Black Cloud
- Splunk SOAR version 5.3.0+
Data Ingestion
There are two methods of data ingestion:
- Data Ingestion from Carbon Black Cloud using REST APIs
- Data Ingestion using the Splunk Enterprise App for Splunk SOAR
Data ingestion requires a custom type API key for data inputs and SOAR actions.
Additional Resources and Support
- Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community.
- View all API and integration offerings on the Developer Network along with reference documentation, video tutorials, and how-to guides.
- Report bugs and submit change requests to Broadcom Carbon Black Support.
