May 30, 2025—Trend Vision One now supports Forcepoint logs in custom detection filters.
This update includes the following changes:
-
Alert Server Active Alert Queue Full
-
Connection Allowed
-
Connection Closed Abnormally
-
Connection Closed
-
Connection Discarded
-
Firewall Authentication New Configuration Successfully Installed
-
Firewall DHCP Reply Received
-
Firewall DHCP Request Received
-
Firewall IPsec Information
-
Firewall New IPsec VPN Connection
-
Firewall New Route Based VPN Connection
-
Firewall Protocol Agent Transport Protocol Violation
-
Firewall Related Connection
-
Firewall Synchronization Receiving Sync Messages
-
Firewall Synchronization State Sync Failed to Receive
-
Firewall System Security Policy Reload
-
Free Disk Space on Server Reached Alert Threshold
-
IKE Invalid Exchange Type
-
IKE Invalid KE Payload
-
IKE Invalid Next Payload
-
IKE Invalid Protocol ID
-
IKE Invalid Syntax
-
IKE No Proposal Chosen
-
IKE Rejected Message
-
IKE Retry Limit Reached
-
IKE SA Deleted
-
IKE SA Initiator Done
-
IKE SA Responder Done
-
IKE SA Responder Failed
-
IKE Starting Initiator Negotiation
-
IKE Starting Responder Negotiation
-
IKE Timeout
-
IKE Traffic Selector Unacceptable
-
IPSEC ESP SA Look-up Failure
-
IPsec SA Deleted
-
IPsec SA Initiator Done
-
IPsec SA Responder Done
-
Management Server Sign-in Failed
-
System Cluster-Protocol Event
-
System Policy Applied
-
System Policy Loaded
The related custom detection filters have been added to the tm-v1-detection-models GitHub repository. You can import these detection filters to your Trend Vision One environment to test
the new integration.
For more information about custom detection filters, see Create a custom filter.