Carbon Black CB Response
  • 3 minutes to read
  • Print
  • Share
  • Dark
    Light

Carbon Black CB Response

  • Print
  • Share
  • Dark
    Light

Carbon Black CB Response includes scalable, real-time EDR with unfiltered visibility for security operations centers and incident response teams.

Parameters

  1. Carbon Black CB Response Domain (required) - hostname / IP of the Carbon Black CB Response admin local server or the cloud service.
  2. Username and Password (optional, default: empty) - The username and password for an account that has read access to the API.
    • If supplied, Axonius will use the specified user name and password credentials to fetch data from Carbon Black CB Response.
    • If no supplied, Axonius will use the specific API Key to fetch data from Carbon Black CB Response.
  3. API Token (optional, default: empty) - API Token to be authenticated against the Carbon Black CB Response API. For details, see the section below.
    • If supplied, Axonius will use the specific API Key to fetch data from Carbon Black CB Response.
    • If not supplied, Axonius will use the specified username and password credentials to fetch data from Carbon Black CB Response.
NOTE

It is recommended to create and to use an API key, as the user name and password credentials are not supported for all Carbon Black CB Response versions.

  1. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Carbon Black CB Response Domain. For more details, see SSL Trust & CA Settings.
    • If enabled, the SSL certificate offered by the value supplied in Carbon Black CB Response Domain will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
    • If disabled, the SSL certificate offered by the value supplied in Carbon Black CB Response Domain will not be verified against the CA database inside of Axonius.
  2. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Carbon Black CB Response Domain.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Carbon Black CB Response Domain.
    • If not supplied, Axonius will connect directly to the value supplied in Carbon Black CB Response Domain.
  3. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Advanced Settings

  1. Fetch uninstalled devices (required, default: True) - Choose whether to fetch uninstalled devices.
    • If enabled, all connections for this adapter will fetch uninstalled devices.
    • If disabled, all connections for this adapter will not fetch uninstalled devices.

image.png

Note

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Creating an API Key

To create an API Key, do as follows:

  1. As an admin, connect to the Carbon Black CB Response admin panel.
    Click on the user management logo to open the user management tab. Then, click "Teams" and "Create Team":

image.png

  1. Type a name for the new team and drag the relevant group to "Viewer Access". Click "Save Changes":

image.png

  1. Go to "Users" and click "Add User". Fill in the details and assign the user to the team we just created. Optional: If you want to be able to isolate and un-isolate devices from the Axonius control panel, assign the new user to the "Administrators" group:

image.png

  1. Log out of the admin panel and login as the new user. Then, go to "My Profile". Click on API Token to see your API token

image.png

Upload the downloaded JSON in the adapter configuration and the Carbon Black CB Response adapter is configured.

Was this article helpful?