This quick start guide will help Accenture MDR customers configure Trend Micro™ Deep Discovery™ Inspector to send logs to the Log Collection Platform (LCP).
...
Table 1-2: The Trend Micro Deep Discovery Inspector event collector (Syslog - 3764) properties to be configured by MDR are shown in the table.
Property | Default Value | Description |
Transport Protocol | UDP | The default protocol for syslog. The LCP can also accept logs over TCP. Note: While TCP offers guaranteed delivery of log packets, it places a larger overhead on the LCP. To balance TCP's reliability against UDP's speed and simplicity, contact the MDR onboarding team. |
IP Address | | Logging device IP address mentioned in the Pre-Installation Questionnaire (PIQ). Note: If the device sends logs using multiple interfaces, contact the Accenture Security MDR onboarding team. |
Signatures | Trend Micro,Deep Discovery Inspector | MDR recommended signatures processed by the Trend Micro Deep Discovery Inspector event collector. |
Port | 514 | The default port for syslog. For TCP, the default port is 601. Note: The LCP can be configured to listen on a non-standard port; advise the MDR onboarding team if this is a requirement. |
...