Data Sources
Threat information received from the following data sources prompts Threat Mitigator to issue mitigation tasks to the affected endpoints:
Endpoint security risk logs
Threat Discovery Appliance
Threat Management Agent can monitor Trend Micro OfficeScan™ security risk logs and perform mitigation if necessary.
The log monitoring feature supports OfficeScan 10 or later and only checks virus/malware detection logs generated during Real-time Scan.
Logs from the other scan types that OfficeScan provides, such as Manual Scan and Scheduled Scan, are not checked.
Threat mitigation is triggered when virus/malware detection logs contain any of the following scan results:
Quarantined
Unable to quarantine the file
Unable to clean or quarantine the file
Renamed
Unable to rename the file
Unable to clean or rename the file
Deleted
Unable to delete the file
Unable to clean or delete the file
During threat mitigation, the agent retrieves the path of an infected file and then uses the Pattern-free Mitigation Engine to check for other files or processes associated with the infected file.
Register Threat Discovery Appliance to Threat Mitigator to allow the appliance to send threat event information. Registration is done from the Threat Discovery Appliance console.
For information on the Threat Discovery Appliance versions compatible with Threat Mitigator, see Integration with Trend Micro Products and Services.
To configure data sources:
Mitigation Settings > Data Sources
Select Monitor virus/malware logs to allow the agent to monitor security risk logs.
If the option is disabled, the agent stops monitoring security risk logs.
Click Save.
View the Threat Discovery Appliances registered to Threat Mitigator.
Use the trash bin icon to remove a Threat Discovery Appliance from the list. A removed appliance continues to send mitigation requests to Threat Mitigator, but Threat Mitigator ignores them. To stop the appliance from sending mitigation requests, unregister it from Threat Mitigator. Unregistration is done from the Threat Discovery Appliance console.