Deep Security Agent: Provides anti-malware, intrusion prevention, and log inspection for cloud and on-prem servers.
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | trend-micro |
| product | deep-security-agent |
| format | cef |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| deepsecurity | epintel |
| deepsecurity-system_events | epintel |
| deepsecurity-intrusion_prevention | epintel |
| deepsecurity-firewall | epintel |
| deepsecurity-antimalware | epintel |
| deepsecurity-integrity_monitoring | epintel |
| deepsecurity-log_inspection | epintel |
| deepsecurity-web_reputation | epintel |
| deepsecurity-app_control | epintel |
Sending data to Google SecOps
When sending the data collected from this source to a dynamic Google SecOps destination, Axoflow sets the following log type: TRENDMICRO_DEEP_SECURITY.