Trend Micro

Trend Micro consists of security analytics components that normalize Trend Micro events, which enables you to analyze Trend Micro data. It includes the Syslog Collector-based Trend Micro log source template, which ensures consistency in collecting, processing, and analyzing Trend Micro logs for precise security event analysis and reporting.

The Trend Micro dashboards and security reports let you analyze the normalized information. The dashboards visualize the events associated with Trend Micro Virtual Analyzer, Antimalware, IDS/IPS, Control Manager, database, threats, and a firewall.

When Logpoint identifies threats, malware or malicious events with a potential risk to your environment, it triggers security alerts based on predetermined alert rules. The automated alerts enable you to detect potential threats, malware or malicious events early and take corrective actions against them. You can further customize the data and searches to perform in-depth analysis.

You can configure Trend Micro from Log Source Templates or Devices. We recommend using the log source template.

Supported Device/Source

Trend Micro

Trend Micro Components

  1. Dashboards

    • LP_CEF: Trend Micro Deep Discovery - Virtual Analyser

    • LP_Trend Micro Deep Security - Firewall

    • LP_CEF: Trend Micro Deep Discovery - Threat

    • LP_Trend Micro Control Manager

    • LP_Trend Micro DB

    • LP_CEF: Trend Micro Deep Discovery - Overview

    • LP_Trend Micro Deep Discovery - Virtual Analyser

    • LP_Trend Micro Office Scan

    • LP_Trend Micro Deep Discovery - Overview

    • LP_Trend Micro Deep Security - Overview

    • LP_Trend Micro Deep Security - Intrusion Prevention

    • LP_Trend Micro Deep Security

    • LP_Trend Micro Deep Discovery - Threat

    • LP_Trend Micro Deep Security - Anti-Malware

    • LP_Trend Micro IWSVA

    • LP_TREND MICRO IMSVA

  2. Report Packages

    • LP_CEF: Trend Micro Deep Discovery - Virtual Analyser

    • LP_Trend Micro Deep Security - Firewall

    • LP_CEF: Trend Micro Deep Discovery - Threat

    • LP_Trend Micro Control Manager

    • LP_Trend Micro DB

    • LP_CEF: Trend Micro Deep Discovery - Overview

    • LP_Trend Micro Deep Discovery - Virtual Analyser

    • LP_Trend Micro Deep Discovery - Overview

    • LP_Trend Micro Deep Security - Overview

    • LP_Trend Micro Deep Security - Intrusion Prevention

    • LP_Trend Micro Deep Security

    • LP_Trend Micro Deep Discovery - Threat

    • LP_Trend Micro Deep Security - Anti-Malware

    • LP_Trend Micro IWSVA

  3. Normalization Packages

    • LP_Trend Micro Control Manager

    • LP_Trend Micro DB

    • LP_Trend Micro IMSS

    • LP_Trend Micro IMSVA

    • LP_Trend Micro IWSVA

    • LP_Trend Micro Office Scan

  4. Alerts

    • LP_Trend MicroDeepSecurity File Quarantined

    • LP_Trend MicroDeepSecurity Virus Quarantined

    • LP_Trend Micro Deep Security Ransomware Detection

    • LP_Trend Micro Deep Security Botnet Detection

    • LP_LP_TrendMicro Anti-Malware Engine Offline

  5. Label Package

    • LP_Trend Micro Control Manager

  6. Compiled Normalizers

Modularized Compiled Normalizer:

Modularization separates a program’s functionality into independent, interchangeable modules. Each module contains everything necessary to execute only one aspect of the program’s functionality. With modularization, it is easier to add and maintain smaller program components, understand the purpose of each module, and reuse and refactor them. The modularized compiled normalizer TrendMicroCompiledNormalizer includes modules such as TrendMicroDeepSecurityCEFCompiledNormalizer and TrendMicroControlManagerCEFCompiledNormalizer, which can carry out tasks independently and serve as the basic constructs for TrendMicroCompiledNormalizer.

Non-modularized Compiled Normalizer:

Non-modularization means no modules are integrated into the program. The non-modularized Trend Micro compiled normalizers like TrendMicroIMSVACompiledNormalizer and TrendMicroIMSVACompiledNormalizer are independent and normalize specific logs such as IMSVA, ApexCentral and DeepDiscoveryCEF.

The following non-modularized compiled normalizers are included in Trend Micro:

  • TrendMicroDeepSecurityCEFCompiledNormalizer

  • TrendMicroControlManagerCEFCompiledNormalizer

  • TrendMicroDeepDiscoveryCEFCompiledNormalizer

  • TrendMicroOfficeScanCompiledNormalizer

  • TrendMicroIMSVACompiledNormalizer

  • TrendMicroApexCentralCompiledNormalizer

  7. Search Package

    • Trend MicroDeepSecurity

