Trend Micro Vision One integration

Hello again,

I have installed the Trend micro vision one integration, I have already done the process of placing the URL and the API Key and everything was accepted without any error.

My question is why it is asking me to associate agents at the time of finalizing the configuration, as I understand this integration is to obtain the logs generated by the management console that controls all trend micro products.

Could you please help me to understand it well?

After a lot of reading, research, trial and error, I managed to solve the problem.

As the documentation is not clear, in the “URL” field I was putting the URL of the portal that the administrator of my company uses to manage the “Trend Micro Vision One” solution but it turns out that this was not the URL.

You must enter the URL intended for the API according to the region you are in by putting https at the beginning.
Trend Vision One Automation Center

This solved the problem.

Note: In the policy that asks you at the end of the configuration you must create a policy where the Agent that will make the API connection and collect the logs is located.

Hi @juancamiloll,

Thanks for flagging this and apologies for any confusion caused by our lack of guidance on the supported URL formats. I've just created this issue and we'll aim to improve the guidance and workflow for configuring the URL: [Trend Micro Vision One] Add guidance to URL parameter · Issue #11319 · elastic/integrations · GitHub