Hello,
I installed TrendMicro VisionOne app (Version 1.1.1) on Qradar to collect events from two different TrendMicro tenants: our Qradar (Version 7.5.0 up3) is multi-tenanted, two separate customers want to integrate logs from their TrendMicro SaaS platforms (so, they do not have on-prem console).
I created two separate instances of the app to configure each of them with the appropriate API tokens: we can successfully pull the logs from TrendMicro platforms, but they are both ingested into one single (auto-discovered) log source, and most important, they are collected under "Default Domain" instead of the two separate customer domains associated to each tenant.
We tried several operations, including opening a case to TrendMicro support but nothing has fixed the issue..has someone been able to integrate two instances of VisionOne and send each logs to the appropriate event collector\domain on Qradar?
------------------------------
Davide Salardi
------------------------------