DataDog · shubhamvekariya-crest · Sep 26, 2024 · Sep 26, 2024 · Sep 26, 2024 · Sep 26, 2024
@@ -1,43 +1,54 @@
-# Agent Check: trellix_endpoint_security
-
 ## Overview
 
-This check monitors [trellix_endpoint_security][1].
+[Trellix Endpoint Security (ENS)][1] protects servers, computer systems, laptops, and tablets against known and unknown threats. These threats include malware, suspicious communications, unsafe websites, and downloaded files. Trellix Endpoint Security enables multiple defense technologies to communicate in real time to analyze and protect against threats.
 
-## Setup
+This integration ingests the following logs:
 
-### Installation
+- **Threat Events**: This endpoint provides details about threat events triggered by Trellix Endpoint Security, including threat prevention, web control, firewall, and adaptive threat protection.
 
-The trellix_endpoint_security check is included in the [Datadog Agent][2] package.
-No additional installation is needed on your server.
+This integration provides enrichment and visualization for above mentioned event types. It helps to visualize detailed insights into security trends, threats, and policy violations through the out-of-the-box dashboards. Also, This integration provides out of the box detection rules.
+
+## Setup
 
 ### Configuration
 
-!!! Add list of steps to set up this integration !!!
+#### Get Credentials of Trellix Endpoint Security
 
-### Validation
+1. Log in to the Trellix ePO Saas.
+2. Navigate to the **Trellix Developer Portal[2]**.
+3. Under **Self-Service**, select **API Access Management**.
+4. In the **Credential Configurations** section, provide the following details:
+   - **Client Type**: Enter a descriptive and identifiable name.
+   - **APIs**: Choose **Events** from the dropdown.
+   - **Method Types**: Select **GET**.
+5. Click **Request** to submit the request. It typically takes 2-3 days to process. You will be notified once your credentials are ready.
+6. When your credentials are available, generate your Client credentials by clicking **Generate** under **Create Client Credentials**.
+7. Copy the API key from **Access Management**, along with the Client ID and Client Secret, from **Create Client Credentials**.
 
-!!! Add steps to validate integration is functioning as expected !!!
+#### Add your Trellix Endpoint Security credentials
+
+- Client ID
+- Client Secret
+- API Key
 
 ## Data Collected
 
-### Metrics
+### Logs
 
-trellix_endpoint_security does not include any metrics.
+The Trellix Endpoint Security integration collects and forwards events related to threat prevention, web control, firewall, and adaptive threat protection to Datadog.
 
-### Service Checks
+### Metrics
 
-trellix_endpoint_security does not include any service checks.
+The Trellix Endpoint Security integration does not include any metrics.
 
 ### Events
 
-trellix_endpoint_security does not include any events.
+The Trellix Endpoint Security integration does not include any events.
 
-## Troubleshooting
+## Support
 
-Need help? Contact [Datadog support][3].
+For additional assistance, contact [Datadog support][3].
 
-[1]: **LINK_TO_INTEGRATION_SITE**
-[2]: https://app.datadoghq.com/account/settings/agent/latest
+[1]: https://www.trellix.com/products/endpoint-security/
+[2]: https://developer.manage.trellix.com/mvision/selfservice/home
 [3]: https://docs.datadoghq.com/help/
-