Trend Micro Deep Security sample event message

Use this sample event message to verify a successful integration with IBM® Security QRadar® Log Insights.

Important: Due to formatting issues, paste the message format into a text editor and then remove any carriage returns or line feed characters.

Trend Micro Deep Security sample message when you use the Syslog connector

The following sample event message shows an attempt to scan a computer, or that a network was detected.

<182>Jul 14 01:32:31 trendmicro.deepsecurity.test LEEF:2.0|Trend Micro|Deep Security Manager|11.0.221|851|cat=System	name=Reconnaissance Detected: Network or Port Scan	desc=The Agent/Appliance detected an attempt to scan a computer or a network. Check the Agent/Appliance Events to see the details of the scan.	sev=6	src=192.168.187.196	usrName=qradar	target=testTarget6	msg=The Agent/Appliance detected an attempt to scan a computer or a network. Chek the Agent/Appliance Events to see the details of the scan.	TrendMicroDsTenant=Primary	TrendMicroDsTenantId=0