Syslog - Trend Micro Deep Discovery Director

Device Details

Device Name: Trend Micro Deep Discovery Director
Vendor: Trend Micro
Device Type: Endpoint Security Solution
Supported Model Name/Number: N/A
Supported Software Version: All
Collection Method: Syslog
Configurable Log Output: Yes
Log Source Type: Syslog - Trend Micro Deep Discovery Director
Log Processing Policy: LogRhythm Default V2.0
Exceptions: Only CEF format supported
Additional Information: N/A

Device Configuration Checklist

Supported Log Messages

Each entry lists the message Type, the Product Version it applies to, and the Supported Schema Fields it populates.

Attachment Detection Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <threatname>, <hash>, <objecttype>, <object>, <size>

Deny List Transaction Event
  Product Version: N/A
  Supported Schema Fields: <vmid>, <vendorinfo>, <action>, <tag1>, <policy>, <severity>, <dname>, <dport>, <dip>, <hash>, <url>

Disruptive Application Event
  Product Version: N/A
  Supported Schema Fields: <vmid>, <vendorinfo>, <severity>, <protname>, <snatip>, <sip>, <dip>, <dnatip>, <dnatip>, <dname>, <dmac>, <dport>, <dip>, <sname>, <smac>, <snatip>, <sport>

Email Detection Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <action>, <tag1>, <size>, <threatname>, <recipient>, <subject>, <sip>, <sender>

File Analysis Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <threatname>, <hash>, <objecttype>, <object>, <size>

Message Tracking Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <action>, <tag1>, <status>, <recipient>, <subject>, <reason>, <sip>, <sender>

Notable Characteristics Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <policy>, <hash>, <objecttype>, <object>, <size>, <subject>

Threat Event
  Product Version: N/A
  Supported Schema Fields: <threatid>, <vendorinfo>, <severity>, <action>, <tag1>, <protname>, <snatip>, <sip>, <dip>, <dnatip>, <threatname>, <dnatip>, <dname>, <dmac>, <dport>, <dip>, <recipient>, <hash>, <object>, <size>, <useragent>, <url>, <sname>, <smac>, <snatip>, <sport>, <login>, <sender>

URL Analysis Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <hash>, <url>

URL Detection Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <threatname>, <url>

Web Reputation Event
  Product Version: N/A
  Supported Schema Fields: <vendorinfo>, <severity>, <protname>, <snatip>, <sip>, <dip>, <dnatip>, <subject>, <threatname>, <dnatip>, <dname>, <dmac>, <dport>, <dip>, <recipient>, <useragent>, <url>, <sname>, <smac>, <snatip>, <sip>, <sport>, <sender>

Revision History

KB Version: KB 7.1.646.0
Log Type: Syslog
Change Type: New Device
Details: N/A