Configuring Outbreak Criteria and Alert Notifications in Trend Micro Apex One

You can configure outbreak criteria and alert notifications for your Trend Micro Apex One device.

Procedure

  1. Select Notifications > Administrator Notifications > Outbreak Notifications.
  2. Click the Criteria tab.
  3. Type the number of detections and detection period for each security risk.

    Notification messages are sent to an administrator when the criteria exceeds the specified detection limit.

    Note: Trend Micro suggests that you use the default values for the detection number and detection period.
  4. Select Shared Folder Session Link and enable Apex One to monitor for firewall violations and shared folder sessions.
    Note: To view computers on the network with shared folders or computers currently browsing shared folders, you can select the number link in the interface.
  5. Click the SNMP Trap tab.
    1. Select the Enable notification via SNMP Trap check box.
  6. Type the following message in the field:

    Number of virus/malware: %CV Number of computers: %CC Log Type Exceeded: %A Number of firewall violation logs: %C Number of shared folder sessions: %S Time Period: %T

  7. Click Save.

What to do next

Configure a log source in QRadar by using the SNMPv2 protocol. For more information, see SNMPv2 log source parameters for Trend Micro Apex One.