TMWS keeps comprehensive logs about threat detections and security-related events. Use these logs to assess your organization's protection policies and to identify resources at a higher risk of infection or attack.
TMWS saves logs for 180 days.
Administrators can query logs for as long as 31 days from the past 180 days.
The time displayed in each log entry is subject to the time zone of your organization as registered on the Customer Licensing Portal page. To change the time zone, go to the Customer Licensing Portal at https://tm.login.trendmicro.com.
This option controls whether the TMWS on-premises gateways deployed in your organization send logs generated on them to the TMWS cloud. When this option is turned off, logs on the on-premises gateways will not display and cannot be queried on the TMWS management console.
By default, this option is set to On.
TMWS provides the following three type of logs: