web
You’re offline. This is a read only version of the page.
close

Online Help Center
  • Search
  • Support
    • For Home
    • For Business
  • English (US)
    • Bahasa Indonesia (Indonesian)
    • Dansk (Danish)
    • Deutsch (German)
    • English (Australia)
    • English (US)
    • Español (Spanish)
    • Français (French)
    • Français Canadien
      (Canadian French)
    • Italiano (Italian)
    • Nederlands (Dutch)
    • Norsk (Norwegian)
    • Polski (Polish)
    • Português - Brasil
      (Portuguese - Brazil)
    • Português - Portugal
      (Portuguese - Portugal)
    • Svenska (Swedish)
    • ภาษาไทย (Thai)
    • Tiếng Việt (Vietnamese)
    • Türkçe (Turkish)
    • Čeština (Czech)
    • Ελληνικά (Greek)
    • Български (Bulgarian)
    • Русский (Russian)
    • עברית (Hebrew)
    • اللغة العربية (Arabic)
    • 日本語 (Japanese)
    • 简体中文
      (Simplified Chinese)
    • 繁體中文
      (Traditional Chinese)
    • 繁體中文 HK
      (Traditional Chinese)
    • 한국어 (Korean)
This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.
Learn More Yes, I agree
Table of Contents
The page you're looking for can't be found or is under maintenance
Try again later or go to the home page
Go to home page
  • Privacy and Personal Data Collection Disclosure
  • Getting started with Cloud App Security APIs
    • Using Cloud App Security APIs
    • Generating an authentication token
    • Understanding the URL structure
    • Understanding the request header
  • Supported Cloud App Security APIs
    • Log retrieval API
      • Get security logs
        • Content mapping between log output and CEF syslog type
        • Get Virtual Analyzer report
      • Get quarantine events
      • Download quarantined emails
      • Installing the Trend Micro Cloud App Security Splunk add-on
        • Splunk dashboard configuration content
    • Threat investigation API
      • Sweep for email messages
    • Threat mitigation APIs
      • Take actions on user accounts
        • Assigning the user account administrator role
      • Take actions on email messages
      • Query action results
    • Threat remediation APIs
      • Update blocked lists
      • Get blocked lists
  • API responses
    • API result codes
  • Cloud App Security API usage examples
    • Using the log retrieval API sample script for Windows powershell
Threat mitigation APIs
Related information
  • Take actions on user accounts
  • Take actions on email messages
  • Query action results
Online Help Center
Support
For Home For Business
Privacy Notice
© 2025 Trend Micro Incorporated. All rights reserved.
Table of Contents
  • Privacy and Personal Data Collection Disclosure
  • Getting started with Cloud App Security APIs
    • Using Cloud App Security APIs
    • Generating an authentication token
    • Understanding the URL structure
    • Understanding the request header
  • Supported Cloud App Security APIs
    • Log retrieval API
      • Get security logs
        • Content mapping between log output and CEF syslog type
        • Get Virtual Analyzer report
      • Get quarantine events
      • Download quarantined emails
      • Installing the Trend Micro Cloud App Security Splunk add-on
        • Splunk dashboard configuration content
    • Threat investigation API
      • Sweep for email messages
    • Threat mitigation APIs
      • Take actions on user accounts
        • Assigning the user account administrator role
      • Take actions on email messages
      • Query action results
    • Threat remediation APIs
      • Update blocked lists
      • Get blocked lists
  • API responses
    • API result codes
  • Cloud App Security API usage examples
    • Using the log retrieval API sample script for Windows powershell
Close