Trellix includes TrellixCompiledNormalizer that normalizes Trellix events and allows you to analyze Trellix data. TrellixCompiledNormalizer is compatible with the CNDP. Trellix also includes the Trellix log source template, simplifying log source configuration with pre-defined options. The log source template ensures consistency in collecting, processing and analyzing Trellix logs for precise security event analysis and reporting. You can create a dashboard to add a widget for analyzing the information and perform in-depth analysis by changing the data used in a search.
Supported Devices/Sources
Trellix