User Guide

Carbon Black Cloud Binary Toolkit User Guide

Who is this for?

Those who want to get up and running with the built-in functionality provided with the Toolkit. This includes how to use the example YARA Analysis Engine, as well as details of the built-in SQLite State Management database, and other components.

Where do I go if I have questions?

Review the troubleshooting section if something isn't working as expected. If you want to modify the Toolkit, see the Developer Guide.

In what order should I follow the guide?

Generally,

Install CBC Python SDK via pip, if you don't already have it
- pip install carbon-black-cloud-sdk
- follow the [CBC Python SDK README](pip install carbon-black-cloud-sdk) for setup instructions
Install the toolkit via pip
- pip install cbc-binary-toolkit
Configure API Access
Create a Feed to send analysis results to
Edit your configuration file
Configure YARA rules (optional)
Run the analysis utility

Pages

Assumptions

The Toolkit has been installed via pip

pip install cbc-binary-toolkit

You have configured a Carbon Black API Key
You have read the README and installed the requirements via pip
The built-in examples are being used for execution, including the Analysis Utility, Built-in State Management Database, and YARA Analysis Engine.

Information here is current as of Carbon Black Cloud Binary Toolkit 1.0.0

CBC Binary Toolkit

Home
Performance Metrics
User Guide
Developer Guide
- Replace Components
  - Analysis Engine
  - Persistence System
- Architecture Overview
- Schemas
- Interfaces
Glossary

Provide feedback

Saved searches

Use saved searches to filter your results more quickly