
Install the Trend Micro Deep Security App and view the Dashboards

Overview and details of the Trend Micro Deep Security app dashboards.

Install the Sumo Logic App

Now that you have set up collection, install the Sumo Logic App for Trend Micro Deep Security to use the preconfigured searches and Dashboards that provide insight into your data. 

To install the app:

  1. Select App Catalog, search for and select the app, and click Add to Library. (In the classic UI, click Library, click Apps, select the app, and click Install. If you don't find the app under Apps, it might be a preview app. Try clicking Preview to find the app.)
  2. Click Preview Dashboards if you'd like to see a preview of the dashboards included with the app before installing.
  3. In the Install Application dialog box, select the installation path (the default is the Personal folder in the library), or click New Folder to add a new folder.
  4. Select either of these options for the log data source:
     • Choose Select from Existing Source Categories, and select the source category from the Source Category list.
     • Choose Enter a Custom Data Filter and enter a custom source category beginning with an underscore. Example: (_sourceCategory=MyCategory).
  5. Click Add to Library.

Once an app is installed, it appears in your Personal folder or in the folder that you specified. From there, you can share it with your organization. See Welcome to the New Library for information on working with the library in the new UI.

Panels start to fill automatically. Each Panel gradually fills with data that matches its time range query and was received after the Panel was created. Results won't be available immediately, but with a bit of time, you'll see full graphs and maps.

Dashboards

Trend Micro - Deep Security - Overview

Anti-Malware Event History. Displays the number and types of anti-malware events in a stacked column chart on a timeline for the last 24 hours.

IPS Event History. Shows the number and types of IPS events in a stacked column chart on a timeline for the last 24 hours.

Web Reputation Event History. Provides details on the number and types of web reputation events in a stacked column chart on a timeline for the last 24 hours.

Firewall Event History. Displays the number and types of firewall events in a stacked column chart on a timeline for the last 24 hours.

Integrity Monitoring Event History. Shows the number and types of integrity monitoring events in a stacked column chart on a timeline for the last 24 hours.

Log Inspection Events History. Provides details on the number and types of log inspection events in a stacked column chart on a timeline for the last 24 hours.

Trend Micro - Deep Security - Anti-Malware

Anti-Malware Event History. Displays the number and type of anti-malware events in a column chart on a timeline for the last 24 hours.

Top 5 Detected Malware. Shows the top 5 types of malware detected in a pie chart for the last 24 hours.

Top 5 Infected Computers. Lists the top 5 infected computers in a table chart by device host name and count for the last 24 hours.

Trend Micro - Deep Security - Firewall

Firewall Events History. Displays the number and type of firewall events in a column chart on a timeline for the last 24 hours.

Reconnaissance Scan History. Shows the number and type of reconnaissance scan events in a column chart on a timeline for the last 24 hours.

Top 5 Reasons for Prevented Packets. Lists the top 5 reasons why packets were prevented in a table chart by device host name and count for the last 24 hours.

Top 5 Computers for Prevented Firewall Events. Displays the top 5 computers that had prevented firewall events in a table chart by device host name and count for the last 24 hours.

Top 5 Source IDs for Prevented Firewall Events. Shows the top 5 computers that had prevented firewall events in a table chart by source IP address and count for the last 24 hours.

Top 5 Destination Ports for Prevented Firewall Events. Provides details on the top 5 destination ports that had prevented firewall events in a table chart by destination port and count for the last 24 hours.

Top 5 Scans Detected. Displays the top 5 scans detected in a table chart by name and count for the last 24 hours.

Top 5 Computers for Reconnaissance Scans. Shows the top 5 computers for reconnaissance scans in a table chart by target entry and count for the last 24 hours.

Trend Micro - Deep Security - Integrity Monitoring

Integrity Monitoring Event History. Displays the number and type of integrity monitoring events in a column chart on a timeline for the last 24 hours.

Top 5 Computers for Integrity Monitoring Events. Shows the top 5 computers that had integrity monitoring events in a table chart by device host name and count for the last 24 hours.

Top 5 Reasons for Integrity Monitoring Events. Lists the top 5 reasons for integrity monitoring events in a table chart by name and count for the last 24 hours.

Top 5 Keys for Integrity Monitoring Events. Displays the top 5 keys for integrity monitoring events in a table chart for the last 24 hours.

Trend Micro - Deep Security - Intrusion Prevention

IPS Event History. Displays the number and type of intrusion prevention events in a column chart on a timeline for the last 24 hours.

Top 5 Source IPs for Detected IPS Events. Lists the top 5 Source IPs for detected intrusion prevention events in a table chart by source IP and count for the last 24 hours.  

Top Hosts for Prevented IPS Events. Shows the top 5 hosts for prevented intrusion events in a table chart by device host name and count for the last 24 hours.

Top 5 Reasons for Detected IPS Events. Displays the top 5 reasons for detected intrusion prevention events in a table chart by name and count for the last 24 hours.

Trend Micro - Deep Security - Log Inspection

Log Inspection Events History. Displays the number and type of log inspection events in a column chart on a timeline for the last 24 hours.

Top 5 Computers for Log Inspection Events. Lists the top 5 computers for log inspection events in a table chart by device host name and count for the last 24 hours.

Top 5 Reasons for Log Inspection Events. Shows the top 5 reasons for log inspection events in a table chart by device host name and count for the last 24 hours.

Top 5 Descriptions for Log Inspection Events. Displays the top 5 descriptions for log inspection events in a table chart by device host name and count for the last 24 hours.

Trend Micro - Deep Security - Web Reputation

Web Reputation Event History. Displays the number and type of web reputation events in a column chart on a timeline for the last 24 hours.

Top 5 Computers for Web Reputation Events. Shows the top 5 computers that have had web reputation events by device host name and count for the last 24 hours.

Top 5 URLs for Web Reputation Events. Lists the top 5 URLs that have had web reputation events by URL and count for the last 24 hours.

Filters

The Sumo Logic App for Trend Micro - Deep Security provides the following filters:

  • file
  • severity
  • signature_id