Log Management | Trend Micro Service Central

Views:

Apex One keeps comprehensive logs about security risk detections, events, and updates. Use these logs to assess your organization's protection policies and to identify Security Agents at a higher risk of infection or attack. Also use these logs to check agent-server connection and verify that component updates were successful.

Apex One also uses a central time verification mechanism to ensure time consistency between Apex One server and agents. This prevents log inconsistencies caused by time zones, Daylight Saving Time, and time differences, which can cause confusion during log analysis.

Note

Apex One performs time verification for all logs except for Server Update and System Event logs.

The Apex One server receives the following logs from Security Agents:

Viewing Virus/Malware Logs
Viewing Spyware/Grayware Logs
Viewing Spyware/Grayware Restore Logs
Viewing Firewall Logs
Viewing Web Reputation Logs
Viewing Suspicious Connection Logs
Viewing Suspicious File Logs
Viewing C&C Callback Logs
Viewing Behavior Monitoring Logs
Viewing Predictive Machine Learning Logs
Viewing Device Control Logs
Viewing Scan Operation Logs
Viewing Data Loss Prevention Logs
Viewing Security Agent Update Logs
Viewing Connection Verification Logs

The Apex One server generates the following logs:

Apex One Server Update Logs
System Event Logs

The following logs are also available on the Apex One server and Security Agents:

Windows Event Logs
Apex One Server Logs
Security Agent Logs

Keywords: logs,log management