Trend Micro
Trend Micro consists of security analytics components to analyze Trend Micro data. Logpoint aggregates and normalizes logs related to Trend Micro so you can explore the information through dashboards and reports. Trend Micro dashboards visualize the events associated with Trend Micro Virtual Analyzer, Antimalware, IDS/IPS, Control Manager, database, threats, and a firewall. Furthermore, when Logpoint identifies threats, malware, or malicious events with a potential risk, it triggers security alerts based on predetermined rules. The automated alerts enable you to detect potential threats, malware, or malicious events early and take corrective actions against them.
Key Information
- The modularized compiled normalizer TrendMicroCompiledNormalizer that includes all Trend Micro-related compiled normalizers is now available. The non-modularized Trend Micro compiled normalizers are available for this release only. To learn more, go to Compiled Normalizer.
- Activate the label package LP_Trend Micro Control Manager to apply specific labels and group similar logs together. To learn more, go to Activating Labels Packages.
Enhancements
Description | Issue ID | Reference ID |
---|---|---|
Added Syslog Collector based Trend Micro log source template, simplifying the log source configuration process. To learn more, go to Creating Log Source via a Template. | KB-22742 | - |
Added a new compiled normalizer TrendMicroCompiledNormalizer to support DeepSecurityCEF, ControlManagerCEF, DeepDiscoveryCEF, OfficeScan, ISMS, IMSVA, ApexCentral and CloudAppSecurity logs. | KB-20162 | - |
Added a dashboard LP_TREND MICRO IMSVA to support IMSVA log format. To know more, go to Trend Micro Dashboards. | KB-18909 | 70584 |
Bug Fix
Description | Issue ID | Reference ID |
---|---|---|
TrendMicroDeepSecurityCEF logs were not normalized by TrendMicroDeepSecurityCEFCompiledNormalizer and Trend Micro normalization packages. | KB-20767 | 74135 |
Past Releases
Trend Micro v5.1.0
Release Date: August 16, 2022
Supported On: Logpoint v6.7.0 or later
Download: TrendMicro_5.1.0.pak
SHA256: 440ad10993d345835215ec1a10c4b9e4d1426ad69d3b4ca52ec07415ec9de217
Enhancements
Description | Issue ID | Reference ID |
---|---|---|
Added TrendMicroCloudAppSecurityCompiledNormalizer to normalize Trend Micro Cloud App Security logs. | KB-13319 | 56559 |
Added the following alerts: To learn more, go to Trend Micro Alerts. | KB-13885 | - |
Updated LP_Trend Micro IWSVA to support IWSVA new log format. To learn more, go to Log Samples. | KB-12885 | 54736 |
Bug Fixes
The following issues are fixed:
Description | Issue ID | Reference ID |
---|---|---|
Labels were missing in some TrendMicro Deep Security logs. | KB-11137 | 47590 |
Apex Central SaaS Syslog and Trend Micro Apex Central™ logs were not normalized by TrendMicroApexCentralCompiledNormalizer. | KB-11321, KB-13632 | 48465, 57023 |
Trend Micro v5.0.1
Supported On: Logpoint v6.7.0 or later
Enhancement
Made a minor update to the Trend Micro normalizer for better signature handling.
Trend Micro v3.3.0
SHA256: 98b5071cd40207271b4a644f625c1885c99a2faf13c6ee6ce7a7470aa503d10e
Download: TrendMicro_3.3.0.zip
Enhancement
Made a minor update to the Websense normalizer for better signature handling.
Support
If you have any questions or require assistance, create a support ticket.
Hi,
Very nice article. Please, I failed to find the ODBC table under ‘Knowledge Base’; there is no such configuration item. Could you please help me locate it?
Thank you for your help,
Regards
Hello François-Xavier,
We don't have Table on the newer version of LogPoint (6.x.x). You can configure it from Knowledge Base => Enrichment Sources => Table.
Sorry for the inconvenience caused.
Hello Ramesh,
Great, Thank you for your feedback.
Hi, I can't add ODBC fetcher, Test is working but when I click on Submit, Logpoint says "Form is Beeing Submitted" and then nothing happens, I stay on the ODBC configuration widget and can only do cancel to get back to the ODBC Fetcher Widget without my configuration saved, it's really annoying...
Hello eric,
I'm not a LogPoint support member, but as a user I have already encountered this issue. Use another browser to perform this action and it should work.
Regards,
François-Xavier KOUADIO