Applies To: Trend Micro Apex One/Central 2019 (On-Prem)
Trend Micro Apex One is an integrated solution that protects enterprise networks from malware, network viruses, web-based threats, spyware, and mixed threat attacks.
Trend Micro Apex One Central is a centralized management console for Trend Micro products and services. It allows administrators to monitor and report on activities such as infections, security violations, or virus/malware entry points.
Apex One consists of the Security Agent program that resides at the endpoint and a server program that manages all agents.
Reports are the best way to view historical data (depending on the timeline defined). The reports provided by EventTracker for Apex One include summaries of activities such as managed user logon and logoff activity, spyware detection, virus detection, suspicious file detection, and endpoint application control violation information.
Dashboards are graphical representations of activities occurring in Apex One. A dashboard can be a pie chart, a bar diagram, or even a map. This allows users to see the key highlights of Apex One events. For example, dashboards display indicators of compromise (IOCs), such as file hash or filename, or login activities of managed users with their source IP address.
Alerts, such as potential threat quarantined, are included in the knowledge packs. These alerts can be configured to forward emails to the users/admins of Apex One as soon as any suspicious events are detected.
Once Apex One is configured to deliver events to EventTracker Manager, alerts, dashboards, and reports can be configured in EventTracker.
The configuration details are consistent with EventTracker version 9.2 and later, and Trend Micro Apex One (On-Premises).
To configure Trend Micro Apex One to send logs to EventTracker, refer to the How-to Guide.
For more information, please refer to the Trend Micro Apex One Integration guide.