criblpacks / cribl-carbon-black

This pack targets the collection of Carbon Black events.


Carbon Black Pack


  • This pack targets the collection of Carbon Black events.
  • The Carbon_Black pipeline inside the pack includes sample files for testing and multiple examples of dropping events.
  • The pipeline also shows an example of shaping the events into JSON before sending them to the analytics store.

Important Information


Details of the Carbon Black event types can be found here:
https://www.carbonblack.com/products/vmware-carbon-black-cloud-endpoint/

What to Expect


  • Event reduction: Expect a 30% reduction in total size using Drop or Sampling.
  • Event shaping: Expect the pack to shape the events into JSON format.

Requirements


Before you begin, ensure that you have met the following requirements:

  1. Create a Route with a filter for your Carbon Black Pack.
  2. Select the CriblCarbonBlack pack as the pipeline.

Release Notes


Version 0.5.0 - 2021-07-10

Initial release of the Carbon Black events pack. Support for: VMware Carbon Black events.

Contributing to the Pack


Discuss this pack on our Community Slack channel.

Contact


The author of this pack is Raanan Dagan and can be contacted at rdagan@cribl.io.

License


This Pack uses the following license: Apache 2.0.
