Skip to main content

Trend Micro Email Security Event Collector

This Integration is part of the Trend Micro Email Security Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.8.0 and later.

Palo Alto Networks Trend Micro Email Security Event Collector integration for XSIAM.

Configure Trend Micro Email Security Event Collector on Cortex XSIAM#

  1. Navigate to Settings > Configurations > Data Collection > Automations & Feed Integrations.

  2. Search for Trend Micro Email Security Event Collector.

  3. Click Add instance to create and configure a new integration instance.

    Service URLTrue
    API KeyTrue
    Trust any certificate (not secure)False
    Use system proxy settingsFalse
    Hide sensitive details from emailFalse
    The maximum number of events per fetch.The maximum number of events to fetch every time fetch is executed.False
  4. Click Test to validate the URLs, token, and connection.

Note: There are three types of events that the integration fetches, When the max fetch parameter is set to 1000 then 1000 logs will be retrieved from each type so that a total of 3000 logs can be retrieved.


You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.


Manual command to fetch events and display them.

Base Command#



Argument NameDescriptionRequired
max_fetchThe maximum number of events to get. Default is 500.Optional
sinceOccurrence time of the least recent event to include (inclusive). Default is 3 days.Optional
should_push_eventsIf true, the command will create events, otherwise it will only display them. Possible values are: true, false. Default is false.Required

Context Output#

There is no context output for this command.