![]() Reference Tables 1, 2, and 3 below to identify the required API Key Access Levels and RBAC Permissions. Identify the built-in data inputs, alert actions, and commands you intend to use. Alerts Recommended for orgs with high volumesįor built-in data inputs, alert actions, and commands, create API Key(s) with the correct permissions in the Carbon Black Cloud and then configure Splunk to use those keys. ![]() Uses the AWS Add-on for Splunk to pull the data from AWS S3 into Splunk.Streams data into an AWS S3 bucket at scale.Use the VMware Carbon Black Cloud App (or Input Add-on via a Heavy Forwarder), which leverages VMware Carbon Black Cloud REST APIs to pull data into Splunk.Each method supports a subset of the Carbon Black Cloud data which is outlined below. The VMware Carbon Black Cloud App offers two methods to ingest data. Watch our Setup Video for an in depth walk through of the following sections. No additional configuration needed beyond installation for CIM compliant models.Note: If you are using the Data Forwarder to ingest Alerts and Events then you will need to install and configure the Splunk AWS Add-on. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |