Forum Discussion
Solved
Carbon Black Cloud Connector not working?
Hi there,
I just tried to use the Carbon Black Cloud connector in Sentinel.
I installed it from the content hub.
It pushes out an Azure function.
If you open it's powershell script you can see it was created by Microsoft in 2020.
The api it points to is obsolete.
I created my own test connector in Logic apps which seems to work fine. (happy to share).
However I'd like to know if Microsoft is aware of this issue and if it is actually broken are there plans to fix it, or if it does work then can I get some steps to make it work in Sentinel/Azure (just to pull alerts, no interest in the AWS options).
Thank you!
I got it working.
Aside from the configuration steps being confusing, the ARM configuration panel has some options that simply don't work.
Here's an example configuration of what will work:(and yes I'll let the github admin know my suggestion 🙂 )
- I'd suggest you raise an Issue in the Microsoft Github, detailing the above. https://github.com/Azure/Azure-Sentinel/issues
I got it working.
Aside from the configuration steps being confusing, the ARM configuration panel has some options that simply don't work.
Here's an example configuration of what will work:(and yes I'll let the github admin know my suggestion 🙂 )
