Skip to main content
Skip table of contents

Trend Micro Audit Event

Vendor Documentation

https://docs.trendmicro.com/en-us/enterprise/trend-micro-email-security-online-help/logs-in-hes/managing-syslog/syslog-content-mappi/cef-detection-logs.aspx

https://docs.trendmicro.com/en-us/enterprise/trend-micro-email-security-online-help/logs-in-hes/managing-syslog.aspx

Classification

Rule NameRule TypeClassificationCommon Event
Trend Micro Audit EventBase RuleInformationGeneral Audit Messages

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

logVerN/AN/ACEF format version
vendorN/AN/AAppliance vendor
pnameN/AN/AAppliance product
pverN/AN/AAppliance version
eventidN/AN/ASignature ID
eventName<vmid>Text/StringDescription
severity<severity> NumberEmail severity
rtN/AN/ALog generation time
cs1LabelN/AN/AAccount type's label
cs1N/AN/AAccount type (either end user or admin)
suser<login>Text/StringEmail sender
cs2LabelN/AN/AEvent type's label
cs2<vendorinfo>Text/StringEvent type
act<action>Text/StringAction in the event
cs3LabelN/AN/ALabel of the domain affected by the event
cs3<domainimpacted>Text/StringDomain affected by the event
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close