View and manage the Trend Micro and third-party data sources in Data Source and Log Management that supply data to Agentic SIEM & XDR capabilities.
To enable Agentic SIEM & XDR capabilities, including threat hunting and data correlation, you must have one or
more Trend Micro or third-party data sources connected to Trend Vision One. The Agentic SIEM & XDR category in Data sources and retention under Data Source and Log Management displays available Trend and third-party data sources that supply data to Agentic SIEM & XDR in Trend Vision One along with the connection status and data retention period.
The following actions are available in the Agentic SIEM & XDR section.
|
Action
|
Description
|
||
|
View data source connection status
|
The Status column displays the data source connection status. If a particular data source has
an unexpected connection status, click the data source name for details on how to
manage the connection.
|
||
|
View data targets
|
The data target column displays a brief summary of the data collected from the data
source for use in Trend Vision One.
|
||
|
View data source details
|
Click the name of a data source to view:
Retention periods for Agentic SIEM & XDR data sources can only be changed once per day to allow time for the data to sync.
|
||
|
View details of log repositories configured in Third-Party Log Collection
|
Click Third-party log repositories under Agentic SIEM & XDR to view the configuration details of your log repositories. Drill down to see the associated collectors, contributing data sources, and format
of collected logs. Click the log repository name or Configure log repositories to go to , where you can manage your log repositories and collectors. Click Configure alert notifications to set up alerts for unusual status changes or interruptions in data collection.
|
 |
ImportantThird-Party Log Collection capabilities require one or more deployed Service Gateways
with the Third-Party Log Collection Service installed.
|