
Conversation

@mohitjha-elastic
Collaborator

Proposed commit message

trend_micro_vision_one: add support for endpoint activity and network activity data streams.

Adds support for collecting endpoint activity and network activity data from Trend Micro Vision One. 
Uses the Vision One Endpoint Activity API [1] and Network Endpoint API [2] to ingest the required logs.
Updates the necessary schemas and documentation to enable these new data streams.

[1] https://automation.trendmicro.com/xdr/api-v3/#tag/Search/paths/~1v3.0~1search~1endpointActivities/get
[2] https://automation.trendmicro.com/xdr/api-v3/#tag/Search/paths/~1v3.0~1search~1networkActivities/get

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

  • Clone integrations repo.
  • Install elastic-package locally.
  • Start elastic stack using elastic-package.
  • Move to integrations/packages/trend_micro_vision_one directory.
  • Run the following command to run tests.

elastic-package test -v

Related Issue


@mohitjha-elastic mohitjha-elastic self-assigned this Dec 7, 2025
@mohitjha-elastic mohitjha-elastic added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request dashboard Relates to a Kibana dashboard bug, enhancement, or modification. Integration:trend_micro_vision_one Trend Micro Vision One Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Team:Sit-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors] labels Dec 7, 2025
@elastic-vault-github-plugin-prod

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@mohitjha-elastic mohitjha-elastic marked this pull request as ready for review December 7, 2025 19:45
@mohitjha-elastic mohitjha-elastic requested a review from a team as a code owner December 7, 2025 19:45
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

1. Removed extra new line from fields.yml
2. Change date formats in date processor in pipeline.
3. Restructure the cel code.
@elasticmachine

💚 Build Succeeded

cc @mohitjha-elastic

@mohitjha-elastic mohitjha-elastic merged commit 4598dc6 into elastic:main Dec 12, 2025
8 checks passed
@mohitjha-elastic mohitjha-elastic deleted the trend_micro_vision_one-2.5.0 branch December 12, 2025 06:59
@elastic-vault-github-plugin-prod

Package trend_micro_vision_one - 2.6.0 containing this change is available at https://epr.elastic.co/package/trend_micro_vision_one/2.6.0/
