I am always grateful for your help.
It is necessary to capture the log of the "Trend Micro virus buster" transferred to SYSLOG.
"Trend Micro virus buster": Virus Buster Corporate Edition
Is there an APP to use when importing?
Please give me some advice.
"virus buster" was OfficeScan. The following is a way to work together.
https://success.trendmicro.com/solution/1110826-splunk-integration-with-officescan-osce-10-6
There was an app. However, this app only maps to CIM.
TA for Trend Micro OfficeScan
https://splunkbase.splunk.com/app/4392/
This TA for Splunk provides field extractions from Trend Micro OfficeScan logs and mapping to the Malware CIM.
Trend Micro OfficeScan TA for Splunk. Field extractions and CIM mapping.