Use the Log Activity tab in the Carbon Black Cloud app for QRadar to view data pulled from the Carbon Black Cloud.
The following table lists the data types you can access from the Log Activity tab.
Data Type | Use Case | More Information |
---|---|---|
Alerts | Alerts indicate suspicious behavior and known threats in your environment and provide details on the events that led to an alert. Details include metadata about the alert and a list of all the events associated with the alert. | |
Audit Logs | Use the Audit Logs to review actions performed by Carbon Black Cloud users, such as log-in attempts, updates to connectors, creation of connectors, Live Response events, and more. | |
Events | Provides an overview of endpoint events from the Carbon Black Cloud app. | Endpoint Event Field Descriptions |