IBM QRadar

IBM QRadar

Join this online topic group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Support for Log Sources

  • 1.  Support for Log Sources

    Posted Tue February 23, 2021 09:51 AM

    Hi,

    Does QRadar have support for the following log sources in a multitenant environment:

    1. Trend Micro InterWebscan

    2. Trend Micro ScanMail - Secure Email Gateway system

    3. Trend Micro Smart Protection Server

    There does not seem to be any DSM or Content Pack for these products (is any in the pipeline?). Do they map to any other Trend Micro DSM that is sufficiently similar?



    #QRadar
    #Support
    #SupportMigration


  • 2.  RE: Support for Log Sources

    Posted Tue March 02, 2021 03:14 PM

    Hello Edward,

    As of now, QRadar does NOT have support for the above Trend Micro products.

    Supported products are :

    Trend Micro Office Scan 8.x and 10.x

    Trend Micro Deep Security 9.6.1532, 10.0.1962 and 10.1

    Trend Micro Deep Discovery Inspector 3.0 to V3.8, 5.0 and 5.1

    Trend Micro Deep Discovery Email Inspector 3.0

    Trend Micro Deep Discovery Director 3.0

    Trend Micro Deep Discovery Analyzer 5.0, 5.5, 5.8 and 6.0

    Trend Micro Control Manager 5.0 or 5.5 with hotfix 1697 or hotfix 1713 after SP1 Patch 1; 6.0 and 7.0.

    Trend Micro Apex Central (version 1)

    You may use DSM Editor for parsing unknown events.

    Link for creating custom DSM - https://www.ibm.com/support/pages/creating-custom-dsm

    Thanks!

    Ashish Kothekar



    #QRadar
    #Support
    #SupportMigration


Related Content