Trend Micro Deep Discovery Email Inspector
The IBM QRadar DSM for Trend Micro Deep Discovery Email Inspector collects events from a Trend Micro Deep Discovery Email Inspector device.
The following table describes the specifications for the Trend Micro Deep Discovery Email Inspector DSM:

Specification | Value |
---|---|
Manufacturer | Trend Micro |
DSM name | Trend Micro Deep Discovery Email Inspector |
RPM file name | DSM-TrendMicroDeepDiscoveryEmailInspector-Qradar_version-build_number.noarch.rpm |
Supported versions | V3.0 |
Event format | Log Event Extended Format (LEEF) |
Recorded event types | Detections, Virtual analyzer analysis logs, System events, Alert events |
Automatically discovered? | Yes |
Includes identity? | No |
Includes custom properties? | No |
More information | Trend Micro website (http://www.trendmicro.ca) |

To integrate Trend Micro Deep Discovery Email Inspector with QRadar, complete the following steps:

- If automatic updates are not enabled, download and install the most recent version of the following RPMs from the IBM® Support Website onto your QRadar Console:
  - Trend Micro Deep Discovery Email Inspector DSM RPM
  - DSM Common RPM
- Configure your Trend Micro Deep Discovery Email Inspector device to send syslog events to QRadar.
- If QRadar does not automatically detect the log source, add a Trend Micro Deep Discovery Email Inspector log source on the QRadar Console.

The following table describes the parameters that require specific values for Trend Micro Deep Discovery Email Inspector event collection:

Table 2. Trend Micro Deep Discovery Email Inspector log source parameters

Parameter | Description |
---|---|
Log Source type | Trend Micro Deep Discovery Email Inspector |
Protocol Configuration | Syslog |