Using the Trend Micro Vision One Connector for Azure Sentinel

The Trend Micro Vision One connector enables Azure Sentinel to automatically ingest Workbench alert data through the Trend Micro Vision One API.

The connector includes the following resources that can enhance your monitoring and investigation capabilities:

  • Workbook that provides insights into alert trends and impacted hosts

  • Rule templates that you can use to create incidents for alerts based on severity

  1. Create an Azure Sentinel workspace.

    For more information, see https://docs.microsoft.com/en-us/learn/modules/create-manage-azure-sentinel-workspaces/.

  2. Configure and deploy the connector.

    For more information, see Deploying the Trend Micro Vision One Connector.

  3. Check ingested data in your Log Analytics workspace.

    For more information, see Checking Ingested Data in Log Analytics Workspace.