Navigation Bar

You use the Carbon Black EDR navigation bar to access console pages. The following table describes the options that are available for users with full Administrator/Global Administrator privileges – other users will see options that are appropriate to their privilege level. The Teams option appears for cloud instances only.


Link	Description
CB Logo	Opens the HUD page, which is a customizable page that provides a summary of alerts on hosts that report to your Carbon Black EDR server. See Head-Up Display Page.
Threat Intelligence	Provides intelligence feeds. You can set up watchlists, incremental synchronizations, and full synchronizations with these feeds. You can also access information about process and binary matches found by each feed. See Threat Intelligence Feeds
Triage Alerts	Shows events that match queries that are defined by watchlists and indicators of compromise (IOCs) that are defined by feeds. The information provides criteria that is available to search for specific events. See Managing Alerts on the Triage Alerts Page.
Watchlists	Saved queries that are performed on process events and binary data stores. The queries contain lists you can use to track specific IOCs. See Watchlists
Process Search	Provides an overview of the sensor process data collection that is received from currently installed sensors. See Process Search and Analysis
Binary Search	Shows the metadata of binary files that have been executed. Binary file data is tracked at the moment of execution, and is identified by MD5 hash name. See Binary Search and Analysis
Go Live	This icon appears if you have enabled Go Live in Username > Settings > Advanced Settings. It opens a command line page that provides direct access to sensors. You can directly access content on endpoints. See Responding to Endpoint Incidents
Live Query	This icon appears if you have enabled Live Query in Username > Settings > Advanced Settings. It allows you to run direct SQL queries against targeted endpoints. See Live Query.
Investigations	A collection of tagged process events that are products of search results from searching your networks and endpoints for threats. See Investigations.
Sensors	Shows data for sensors and sensor groups. Sensor groups categorize sensors that share the same configuration. You can view, define and update sensors and sensor groups on this page. See Managing Sensors.
Yara Manager	VMware Carbon Black Yara Manager provides a web-based user interface that is integrated with the Carbon Black EDR server to configure, control, and assess the status of the Yara Connector. See Yara Manager.
Users	Carbon Black EDR displays the User Management page. Administrators can add and configure new users who can view user activity, and create and manage teams of users. Non-administrator users can use this menu item to view their user profile details. See Managing User Accounts (Carbon Black EDR). Carbon Black Hosted EDR displays user accounts that are authorized to access the server. See Managing User Accounts (Carbon Black Hosted EDR).
Teams	Carbon Black Hosted EDR only. This link goes to the Team Management page for your instance. Administrators can configure users, view user activity, and create and manage teams of users. See Managing User Accounts (Carbon Black Hosted EDR).
Event Forwarder	Displays only if enabled. This link opens the Event Forwarder Settings page, which lets you configure the Event Forwarder from within the Carbon Black EDR console. See Event Forwarder.
Server Dashboard	Shows server statistics such as sensor statistics and server communication status. See Monitoring Sensor and Server Information.
Banned Hashes	Opens the Manage Banned Hashes page, which shows process hashes for which a ban has been created. Banned processes are blocked from running on hosts that are managed by a Carbon Black EDR sensor. See Responding to Endpoint Incidents