Forum Discussion
Trend Micro XDR Data connector
Hi, Just after further explanation of the following custom logs which get created when ingesting Trend Micro via the XDR data connector. TrendMicro_XDR_Health_Check_CL TrendMicro_XDR_OAT_CL Tr...
Hello,
I would like to know if when you connected the trend micro connector, you saw all these tables appear
TrendMicro_XDR_Health_Check_CL
TrendMicro_XDR_OAT_CL
TrendMicro_XDR_OAT_Health_Check_CL
TrendMicro_XDR_RCA_Result_CL
TrendMicro_XDR_RCA_Task_CL
TrendMicro_XDR_WORKBENCH_CL
Because in my case I just see two tables:
TrendMicro_XDR_Health_Check_CL
TrendMicro_XDR_OAT_Health_Check_CL
thanks
I would like to know if when you connected the trend micro connector, you saw all these tables appear
TrendMicro_XDR_Health_Check_CL
TrendMicro_XDR_OAT_CL
TrendMicro_XDR_OAT_Health_Check_CL
TrendMicro_XDR_RCA_Result_CL
TrendMicro_XDR_RCA_Task_CL
TrendMicro_XDR_WORKBENCH_CL
Because in my case I just see two tables:
TrendMicro_XDR_Health_Check_CL
TrendMicro_XDR_OAT_Health_Check_CL
thanks
- I see all the Tables. You need the ..XDR_Workbench.. table for Alerts in Sentinel.
How you even get the rest of the table to appear?
I'm using the default API role in the TM Vision One, which is the one with SIEM role, generated simulation alert, Workbench can see those alert. But still no logs appeared in the Sentinel after 12 hours.
Documentation on the API account is not details and confusing.
