Trend Micro Apex Central

Configure the Trend Micro Apex Central syslog connector in Radiant Security to forward Apex Central logs for AI triage.

Connect Trend Micro Apex Central to Radiant Security over syslog to forward Apex Central logs for AI triage. This guide covers adding the data connector in Radiant and configuring Apex Central to forward logs to a Radiant Security Agent.

Prerequisites

Add the data connector in Radiant Security

  1. Log in to Radiant Security.

  2. From the navigation menu, click Settings > Data Connectors, then click + Add Connector.

  3. Search for and select Trend Micro Apex Central (syslog), click Data Feeds, then click Credentials.

  4. In Credential Name, enter an identifiable name (e.g., Trend Micro Apex Central Credentials).

  5. In Connector tag, enter any value. This value salts the token generated in the next step.

  6. Click Add Connector.

  7. Copy the Token value or download the token file. You need this token to complete the syslog configuration in Apex Central.

  8. Click Done to save your changes.

Configure Apex Central to forward logs

Step 1: Open syslog settings

  1. Log in to the Apex Central console.

  2. Go to Administration > Settings > Syslog Settings.

Step 2: Enable syslog forwarding

Click Enable syslog forwarding.

Step 3: Configure the syslog destination

Under Syslog Settings, enter the following values:

  • Server Address: {the IP address configured for the Radiant Security Agent}.

  • Port: {the port configured for the Radiant Security Agent}.

  • Protocol: SSL/TLS.

  • Use server certificate: clear this option if it is selected.

  • Format: CEF.

  • Frequency: 0 hours, 1 minute.

  • Log Type: select Security Logs from the drop-down, then select all checkboxes.

If you do not know which IP address or port to use, contact your Radiant Security customer success representative.

Step 4: Save the configuration

Click Done.

Verify ingestion

After Trend Micro Apex Central begins forwarding, confirm alerts are reaching Radiant.

  1. In Radiant, navigate to Log Management.

  2. Filter by rs_connectorType:"trendmicro_apex_central".

  3. Confirm recent alerts appear.

Allow several minutes for alerts to be parsed, indexed, and available for search.
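
If the filter returns nothing, one thing to rule out is the Format setting: a forwarded line should carry a CEF header with seven pipe-delimited fields followed by key=value extensions. The Python parser below is an added example, not Radiant Security or Trend Micro code; it handles escaped `|` and `=` characters, and the sample line and all of its field values are constructed for illustration.

```python
import re

# CEF header fields, in order, following the "CEF:" marker.
HEADER_FIELDS = ("version", "vendor", "product", "device_version",
                 "event_class_id", "name", "severity")
# An extension key starts the string or follows whitespace and ends at "=".
_KEY = re.compile(r"(?:^|(?<=\s))([\w.]+)=")

# Constructed sample line (not captured from a real Apex Central server).
SAMPLE_LINE = (r"<134>Jan 15 10:22:31 apex01 CEF:0|Trend Micro|Apex Central|2019|"
               r"AV:File quarantined|Sample \| detection|3|deviceExternalId=12 "
               r"rt=Jan 15 2024 10:22:31 GMT+00:00 fname=a\=b.exe "
               r"filePath=C:\\Users\\test\\ act=File quarantined")


def _split_header(body, count):
    """Split on unescaped '|' into `count` fields; return (fields, rest)."""
    fields, cur, i = [], [], 0
    while i < len(body) and len(fields) < count:
        if body[i] == "\\" and body[i + 1:i + 2] in ("\\", "|"):
            cur.append(body[i + 1])  # keep the escaped character itself
            i += 2
            continue
        if body[i] == "|":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(body[i])
        i += 1
    return fields, body[i:]


def _unescape(value):
    """Undo CEF backslash escapes in an extension value."""
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "r": "\r"}.get(m.group(1), m.group(1)), value)


def parse_cef(line):
    """Return header fields plus an 'extensions' dict, or raise ValueError."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF marker: check that Format is set to CEF")
    fields, ext = _split_header(line[start + 4:], len(HEADER_FIELDS))
    if len(fields) != len(HEADER_FIELDS):
        raise ValueError(f"expected 7 header fields, found {len(fields)}")
    event = dict(zip(HEADER_FIELDS, fields))
    keys = list(_KEY.finditer(ext))
    # Each value runs from its "=" to the start of the next key (or the end).
    event["extensions"] = {
        m.group(1): _unescape(ext[m.end():nxt.start() if nxt else len(ext)].strip())
        for m, nxt in zip(keys, keys[1:] + [None])}
    return event
```
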
