Views:

Set up the Cyber Risk Exposure Management for Splunk integration to allow Splunk to share website access logs and provide insights to TrendAI Vision One™.

Procedure

  1. In the TrendAI Vision One™ console, obtain the authentication token.
    1. In TrendAI Vision One™, go to Workflow and AutomationThird-Party Integrations.
    2. Locate and click the Cyber Risk Exposure Management for Splunk card.
    3. Click ServiceGatewayCopyIcon=GUID-EE08C798-0F99-467B-996A-93D14044BF0E.png to copy the Authentication token.
  2. Download and install the Trend Micro Cyber Risk Exposure Management for Splunk app from Splunkbase.
    1. Go to Splunk and select Splunkbase from the Resources drop-down.
    2. Search for and download the Trend Micro Cyber Risk Exposure Management for Splunk app from Splunkbase.
    3. Install the Trend Micro Cyber Risk Exposure Management for Splunk app.
  3. Use the authentication token to configure the integration in the Splunk console.
    Note
    Note
    For more information, see Splunkbase - Trend Micro Cyber Risk Exposure Management for Splunk.
    1. In the Splunk console, go to AppsTrend Micro Cyber Risk Exposure Management for Splunk.
    2. Go to Configuration.
    3. In the User Account section, specify your account name and contact email address.
    4. In the Trend Vision One Integration section, enable TrendAI Vision One™ integration and paste in the Authentication token copied from the TrendAI Vision One™ console.
    5. Click Save.
      Splunk begins collecting and analyze XDR data from TrendAI Vision One™. Splunk can only collect XDR data generated after connecting to TrendAI Vision One™. You might need to allow some time before new XDR data starts to appear.