Configure Trend Micro Apex Central for syslog forwarding to Radiant Security.
Trend Micro Apex Central is the console that’s used to monitor and manage Apex One and other Trend Micro solutions.
In this guide, you’ll complete the following steps:
- Add the data connector in Radiant Security
- Configure a local Radiant Security Syslog Collector
- Configure Trend Micro Apex Central to forward logs to the Radiant Security Log Collector
Prerequisites
- Admin access to the Apex Central Console
Add the data connector in Radiant Security |
|
| 1. Log in to Radiant Security. |
|
| 2. From the navigation menu, click Settings > Data Connectors and click + Add Connector. | |
| 3. Search for and select the Trend Micro Apex Central (syslog) option from the list and then click Data Feeds. | /Screenshot%202024-04-22%20at%2010.18.32.png?width=688&height=1238&name=Screenshot%202024-04-22%20at%2010.18.32.png) |
| 4. Under Select your data feeds, select Trend Micro Apex Central and click Credentials. | /Screenshot%202024-04-22%20at%2010.44.09.png?width=688&height=1248&name=Screenshot%202024-04-22%20at%2010.44.09.png)
|
5. Under Credential Name, give the credential an identifiable name (e.g. Trend Micro Apex Central Credentials). |
|
| 6. Under Required Credentials, in the Connector tag field enter a value. This value will act as the salt to randomize the unique Token you’ll download in the next step. | /Screenshot%202024-04-22%20at%2010.45.06.png?width=688&height=1254&name=Screenshot%202024-04-22%20at%2010.45.06.png)
|
| 7. Click Add Connector. | |
| 8. Copy and save the connector Token value using the clipboard option or download the Token file. You will need this token to complete the configuration. | /Screenshot%202024-04-22%20at%2010.47.41.png?width=688&height=1241&name=Screenshot%202024-04-22%20at%2010.47.41.png)
|
| 9. Click Done to save your changes. | |
Configure a local Radiant Security Syslog Collector
Please refer to the Deploy a Radiant Security Syslog Collector guide for how to set up a local Radiant Security Syslog Collector.
Configure Trend Micro Apex Central to forward logs to the Radiant Security Log Collector
- Log into the Apex Central Console.
-
Navigate to Administration > Settings > Syslog Settings.
-
Click Enable syslog forwarding.
-
Under Syslog Settings, configure the following settings:
-
Server Address: Enter the IP address of the local Radiant Security Syslog Collector previously deployed
- Port:
6514 - Protocol:
SSL/TLS - If Use server certificate is selected, unselect it.
- For Format, select CEF.
- For Frequency, set 0 hours and 1 minute.
/Untitled.png?width=569&height=281&name=Untitled.png)
-
- For Log Type, select Security Logs from the drop- down and select all of the checkboxes.
/Untitled(1).png?width=688&height=484&name=Untitled(1).png)
- Click Done.
We value your opinion. Did you find this article helpful? Share your thoughts by clicking here or reach to our Product and Customer Success teams at support@radiantsecurity.ai
Last updated: 2024-08-23