Device Details
| Vendor | Trend Micro |
|---|---|
| Device Type | Vulnerability Protection Manager |
| Supported Model Name/Number | Anti-malware and threat security protection |
| Supported Software Version(s) | N/A |
| Collection Method | Syslog |
| Configurable Log Output? | N/A |
| Log Source Type | Syslog - Trend Micro Vulnerability Protection Manager |
| Log Processing Policy | LogRhythm Default |
| Exceptions | N/A |
| Additional Information | |
Prerequisites
To access the Syslog - Trend Micro Vulnerability Protection Manager, you need one of the following web browsers:
- Microsoft Internet Explorer 11 or higher
- Mozilla Firefox
- Apple Safari
- Google Chrome
Device Configuration Checklist
- http://docs.trendmicro.com/all/ent/vp/v2.0/en-us/vp_2.0_ig.pdf
- http://docs.trendmicro.com/all/ent/vp/v2.0/en-us/sp2/Vulnerability_Protection_2_SP4_Admin_Guide_EN.pdf
- https://www.eventtracker.com/knowledge-packs/trend-micro-vulnerability-protection/
- http://docs.trendmicro.com/all/ent/vp/v2.0/en-us/sp2/tmvp_2.0_sp2_p4_ig.pdf
Currently Supported Log Types
| Type | Product Version | Supported Schema Fields |
|---|---|---|
| Catch All | All | <severity> |
| Vulnerability Protection Messages | All | <process>, <version>, <vmid>, <vendorinfo>, <tag1>, <severity>, <sip>, <sname>, <dip>, <dname>, <subject> |
Parsed Metadata Fields
| Product Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
| msg | <subject> | Text/String |
| process | <process> | Text/String |
| severity | <severity> | Number |
| src | <sip> | IP Address |
| suser | <sname> | Text/String |
| target | <dip> | IP Address |
| target | <dname> | Text/String |
| vendorinfo | <vendorinfo> | Text/String |
| version | <version> | Number |
| vmid | <vmid> | Number |