Skip to main content
Panther Knowledge Base

Can I send only events that trigger alerts to Panther?

  1. Last updated
  2. Save as PDF

QUESTION

We don't want to store all events data from CarbonBlack into Panther, but we want to be able to alert on that data. We want only the events that match on an alert and the alert itself to be sent to Panther. Is this possible?

ANSWER

Panther doesn't currently support this feature. To submit a feature request, please reach out to Panther Support.

As a workaround, if the application has the ability to automate the export of alerts, you may be able to configure an AWS Lambda solution to push directly to a Panther HTTP log source.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.