Configure the integration to view Trend Vision One Workbench alerts and Observed Attack Techniques events directly in the Microsoft Sentinel platform.
The connector includes the following resources to enhance your monitoring and
investigation capabilities:
- Workbook that provides insights into alert trends and impacted hosts
- Rule templates to create incidents for alerts based on severity
Procedure
- Create a Microsoft Sentinel workspace. For more information, see https://docs.microsoft.com/en-us/learn/modules/create-manage-azure-sentinel-workspaces/.
- Configure and deploy the connector. For more information, see Deploying the Trend Vision One connector.
- Check ingested data in your Log Analytics workspace. For more information, see Checking ingested data in Log Analytics workspaces.