Dear teams,
Does anyone know whether FortiSIEM 7.0.0 (or above) supports the log normalization of Trend Micro's Apex Central?
I don't see the relevant information in the documentation (External Systems Configuration Guide), so I came here to ask.
Best Regards,
Bruce Liu
Hello Bruce Liu,
Thank you for using the Community Forum. We will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello Bruce,
We are still looking for someone to help you.
We will come back to you ASAP.
Regards,
Hi Bruce,
Without having something to test, I can see that although there is no official documentation, there is a TrendMicro Apex Central Parser in the FSM, at least in version 7.1.
It looks quite sophisticated, so I suppose the FSM will get along with these logs. I think it expects Syslog.
If you have some (not personal!) example logs, I could hand them over to the parser and have a look at what it generates.
Best,
Christian
Hi Bruce,
I did an internal check and researched in our guides, but there is currently no support or reference for log normalization of Trend Micro's Apex Central.
You can contact Fortinet Sales to submit a request to support and add this configuration in the official guides.
Regards
Hi Team, I want to let you know that, according to the information I have, FortiSIEM does support Trend Micro’s Apex Central. I do appreciate everyone’s assistance and responses. You all are truly amazing.
Hi Bruce, I'll look into the documentation, but as Christian points out, there is a parser for Apex Central.
Drop me a sample event (direct if easier) and we will check why it isn't parsing.
Thanks
Hi Team,
At present, we have not yet implemented it; we are just confirming in advance whether there is support.
Furthermore, the logs that will be collected after implementation may involve important information.
Regards,
Bruce Liu
If ApexOne (OfficeScan) does not provide support in our environment, I will seek assistance from the TAC team.
Thank you again for your response.