Configuring Trend Micro Deep Discovery Director to communicate with QRadar
To collect events from Trend Micro Deep Discovery Director, configure your Trend Micro Deep Discovery Director device to forward syslog events to QRadar®.
- Log in to your Trend Micro Deep Discovery Director device.
- Click .
- Click Add, and then select Enabled.
Configure the parameters in the following table.
Parameter Description Profile name The name for the Deep Discovery Director syslog server. Server address The IP address of your QRadar Console or Event Collector. Port
- SSL/TLS - 6514 (default port)
- TCP - 601
- UDP - 514
Log format LEEF Scope The events that you want to forward to QRadar.
- Click Save.