Syslog - Trend Micro Vulnerability Protection Manager
Device Details
Vendor | Trend Micro |
---|---|
Device Type | Vulnerability Protection Manager |
Supported Model Name/Number | Anti-malware and threat security protection |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | N/A |
Log Source Type | Syslog - Trend Micro Vulnerability Protection Manager |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information |
Prerequisites
To access the Syslog - Trend Micro Vulnerability Protection Manager, you need one of the following web browsers:
- Microsoft Internet Explorer 11 or higher
- Mozilla Firefox
- Apple Safari
- Google Chrome
Device Configuration Checklist
- http://docs.trendmicro.com/all/ent/vp/v2.0/en-us/vp_2.0_ig.pdf
- http://docs.trendmicro.com/all/ent/vp/v2.0/en-us/sp2/Vulnerability_Protection_2_SP4_Admin_Guide_EN.pdf
- https://www.eventtracker.com/knowledge-packs/trend-micro-vulnerability-protection/
- http://docs.trendmicro.com/all/ent/vp/v2.0/en-us/sp2/tmvp_2.0_sp2_p4_ig.pdf
Currently Supported Log Types
Type | Product Version | Supported Schema Fields |
---|---|---|
Catch All | All | <severity> |
Vulnerability Protection Messages | All | <process>, <version>, <vmid>, <vendorinfo>, <tag1>, <severity>, <sip>, <sname>, <dip>, <dname>, <subject> |
Parsed Metadata Fields
Product Field Name | LogRhythm Metadata Field | Value/Data Type |
---|---|---|
msg | <subject> | Text/String |
process | <process> | Text/String |
severity | <severity> | Number |
src | <sip> | IP Address |
suser | <sname> | Text/String |
target | <dip> | IP Address |
target | <dname> | Text/String |
vendorinfo | <vendorinfo> | Text/String |
version | <version> | Number |
vmid | <vmid> | Number |