View and manage the Trend Micro and third-party data sources that supply data to XDR Threat Investigation apps.
To enable XDR Threat Investigation capabilities, including threat detection and threat
hunting, you must have one or more Trend Micro or third-party data sources connected
to Trend Vision One. The XDR Layers section in the XDR Threat Investigation tab in Data Source and Log Management displays your connected Trend and third-party data sources that supply data to XDR
Threat Investigation apps in Trend Vision One along with connection status, data retention
period, and last sync time.
The following actions are available in the XDR Layers section.
|
Action
|
Description
|
||
|
View data source connection status
|
The Connection status column displays the data source connection status. If a particular data source has
an unexpected connection status, click the data source name to see details on how
to manage the connection.
|
||
|
View the data retention period for the data source
|
The Data retention period column displays how long collected data is available for correlation, analysis, and
threat hunting in Trend Vision One. Retention periods based on the current data retention
license are managed according to your active product licenses. To learn more, see
XDR data retention.
|
||
|
View data source details
|
Click a data source name to see more details about the data source and connection
status. You can also see where in Trend Vision One you can connect, disconnect, or
manage the data source.
|
||
|
Hide unconnected data sources
|
Click the toggle to hide data sources that are not connected to Trend Vision One.
|
The Third-Party Log Collection section displays details about your created log repositories and associated collectors.
You may also create and manage new log repositories and collectors. To learn more,
see Third-Party Log Collection.
 |
NoteThis feature is not available in all regions.
|
 |
ImportantThird-Party Log Collection capabilities require one or more deployed Service Gateways
with the Third-Party Log Collection Service installed.
|