Viewing App Logs

The Carbon Black Cloud App uses standard Splunk SOAR logging system. For details about logging, go to Logging levels for Splunk SOAR.

Multi-Tenancy

You can enable multi-tenancy to allow one security team to manage multiple independent customers while segregating their customers' assets and data. For example, a Managed Security Service Provider (MSSP) business can use multi-tenancy to perform incident response for multiple clients with one analyst team on a single Splunk SOAR (On-premises) instance and maintain customer separation. The MSSP SOC can administer each customer's data set without needing a separate login and permissions configuration.

To set up your multitenant environment, follow Splunk's Multi-tenant management.