This section describes how to use the Splunk SOAR app with Carbon Black Cloud.
Viewing App Logs
The Carbon Black Cloud App uses standard Splunk SOAR logging system. For details about logging, go to Logging levels for Splunk SOAR.
Multi-Tenancy
You can enable multi-tenancy to allow one security team to manage multiple independent customers while segregating their customers' assets and data. For example, a Managed Security Service Provider (MSSP) business can use multi-tenancy to perform incident response for multiple clients with one analyst team on a single Splunk SOAR (On-premises) instance and maintain customer separation. The MSSP SOC can administer each customer's data set without needing a separate login and permissions configuration.
To set up your multitenant environment, follow Splunk's Multi-tenant management.