# Trend Micro Apex Central

Connect Trend Micro Apex Central to Radiant Security over syslog to forward Apex Central logs for AI triage. This guide covers adding the data connector in Radiant and configuring Apex Central to forward logs to a Radiant Security Agent.

### Prerequisites

* [ ] Admin access to Trend Micro Apex Central
* [ ] A deployed Radiant Security Agent reachable from Apex Central. See [Install the Radiant Security Agent](/radiant-connectors/data-connectors/install-the-radiant-security-agent.md)

### Add the data connector in Radiant Security

1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, click **Settings** > **Data Connectors,** then click **+ Add Connector**.
3. Search for and select **Trend Micro Apex Central (syslog)**, click **Data Feeds**, then click **Credentials**.
4. In **Credential Name**, enter an identifiable name (e.g., `Trend Micro Apex Central Credentials`).
5. In **Connector tag**, enter any value. This value salts the token generated in the next step.
6. Click **Add Connector.**
7. Copy the **Token** value or download the token file. You need this token to complete the syslog configuration in Apex Central.
8. Click **Done** to save your changes.

### Configure Apex Central to forward logs

{% stepper %}
{% step %}

#### Open syslog settings

1. Log in to the Apex Central console.
2. Go to **Administration** > **Settings** > **Syslog Settings**.
   {% endstep %}

{% step %}

#### Enable syslog forwarding

Click **Enable syslog forwarding**.
{% endstep %}

{% step %}

#### Configure the syslog destination

Under **Syslog Settings**, enter the following values:

* **Server Address**: `{the IP address configured for the Radiant Security Agent}`.
* **Port**: `{the port configured for the Radiant Security Agent}`.
* **Protocol**: `SSL/TLS`.
* **Use server certificate**: clear this option if it is selected.
* **Format**: `CEF`.
* **Frequency**: `0` hours, `1` minute.
* **Log Type**: select **Security Logs** from the drop-down, then select all checkboxes.

{% hint style="info" %}
If you do not know which IP address or port to use, contact your Radiant Security customer success representative.
{% endhint %}

<figure><img src="https://20705827.fs1.hubspotusercontent-na1.net/hubfs/20705827/Knowledge%20Base%20Articles/Trend%20Micro%20Apex%20Central%20(syslog)/Untitled(1).png" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}

#### Save the configuration

Click **Done**.
{% endstep %}
{% endstepper %}

### Verify ingestion

After Trend Micro Apex Central begins forwarding, confirm alerts are reaching Radiant.

1. In Radiant, navigate to [Log Management](https://app.radiantsecurity.ai/logs).
2. Filter by `rs_connectorType:"trendmicro_apex_central"`.
3. Confirm recent alerts appear.

{% hint style="info" %}
Allow several minutes for alerts to be parsed, indexed, and available for search.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/trend-micro/trend-micro-apex-central.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.