Views:
To enable XDR Threat Investigation capabilities, including threat detection and threat hunting, you must have one or more Trend Micro or third-party data sources connected to Trend Vision One.

Procedure

  1. Connect data sources to Trend Vision One.
    1. Go to Workflow and AutomationData Source and Log ManagementXDR Threat InvestigationXDR Layers
      The XDR Layers section of Data Source and Log Management (Workflow and AutomationData Source and Log ManagementXDR Threat InvestigationXDR Layers) displays your connected data sources that supply data to XDR Threat Investigation apps in Trend Vision One along with:
      • Connection status
      • Data retention period
      • Last sync time.
    2. Select the data source you want to connect.
    3. Follow the provided instructions to connect the data source.
  2. To collect and organize log data from third-party data sources, configure third-party log collection.
    Third-Party Log Collection is a log management system that allows you to collect and organize log data from the third-party data sources on your organization's network. The collected data is then available for analytic or compliance purposes throughout Trend Vision One. You may set specific ingestion and retention policies on a particular log repository to more efficiently organize collected log data and quickly access the data when needed. Ingested data is available for use in Search, Workbench, Detection Model Management, and Observed Attack Techniques.
  3. Enable WebGL in your web browser.
Related information