Skip to main content


Splunk Lantern

Trend Micro


The Trend Micro platform delivers central visibility for better, faster detection and response, and a powerful range of advanced threat defense techniques optimized for environments, like AWS, Microsoft, and Google.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: 

Getting data in

Source Add-ons and Apps Guidance
Risk Insights

Splunk platform

Trend Micro Risk Insights for Splunk extracts website access logs from Splunk and uploads the data to Trend Micro. Trend Micro then analyzes the data and provides Identity and Risk Insights for your entire organization allowing administrators to track their users' cloud application access.

Deep Security

Splunk platform

Trend Micro Deep Security provides Splunk with the real-time, actionable security intelligence required to confidently move workloads from physical to virtual and cloud computing environments. 
Apex One

Splunk platform

This add-on allows for ingestion and transformation of CEF syslog data from Apex One as a Service.
Cloud App Security

Splunk platform

The Trend Micro Cloud App Security Add-On allows you to view the security detection statistics of your protected cloud applications and services directly on the Splunk dashboard.
Vision One (XDR)

Splunk platform

The Trend Micro XDR Splunk Add-On allows customers to receive Trend Micro XDR Workbench Alerts inside Splunk, including impacted host, users and applicable indicators. From here, security analysts can easily drill down for deeper analysis and response.
Threat Indicator Assessment

Splunk platform

Trend Micro Threat Indicator Assessment for Splunk scans endpoint activity data for file-based threat indicators from global intelligence sources. The app only supports data that complies with the Splunk Common Information Model (CIM).