Merge pull request #2123 from lvoloshyn-sekoia/lv/add_docs_for_trend_…

…micro_oat

Add docs for Trend Micro Vision One OAT

_shared_content/operations_center/integrations/trend_micro_vision_one_api_key.md

@@ -0,0 +1,20 @@
+### How to create an API token
+
+1. Log in the Trend Vision One console
+2. On the left panel, click `Administration` then click `API keys`
+
+    ![step 1](/assets/integration/cloud_and_saas/trend_micro_vision_one/01_administration.png)
+
+3. Click `Add API key`
+
+    ![step 2](/assets/integration/cloud_and_saas/trend_micro_vision_one/02_create_api_key.png)
+
+4. Type a name for the API key
+5. Select the `SIEM` role and an expiration time
+6. Check `status` to enable the API key
+
+    ![step 3](/assets/integration/cloud_and_saas/trend_micro_vision_one/03_create_api_key.png)
+
+7. Copy the API key and click `Close`
+
+    ![step 4](/assets/integration/cloud_and_saas/trend_micro_vision_one/04_save_api_key.png)

docs/integration/categories/endpoint/trend_micro_vision_one_oat.md

@@ -0,0 +1,33 @@
+uuid: 2345b987-a94a-4363-b7bc-a6e4a9efd98a
+name: Trend Micro Vision One Observed Attack Techniques [BETA]
+type: intake
+
+
+## Overview
+
+Trend Micro Vision One is an extended detection and response (XDR) platform that enhances threat detection, investigation, and response across multiple security layers. It provides a centralized view for improved security posture and faster threat remediation.
+This intake format will ingest Observed Attack Techniques from Trend Micro Vision One.
+
+!!! Warning
+    Important note - This format is currently in beta. We highly value your feedback to improve its performance.
+
+- **Supported environment**: SaaS
+- **Detection based on**: Alerts
+- **Supported application or feature**:
+    - Observed Attack Techniques
+
+## Configure
+
+{!_shared_content/operations_center/integrations/trend_micro_vision_one_api_key.md!}
+
+### Instruction on Sekoia
+
+{!_shared_content/integration/intake_configuration.md!}
+
+{!_shared_content/operations_center/integrations/generated/2345b987-a94a-4363-b7bc-a6e4a9efd98a.md!}
+
+{!_shared_content/integration/detection_section.md!}
+
+{!_shared_content/operations_center/detection/generated/suggested_rules_2345b987-a94a-4363-b7bc-a6e4a9efd98a_do_not_edit_manually.md!}
+
+{!_shared_content/operations_center/integrations/generated/2345b987-a94a-4363-b7bc-a6e4a9efd98a.md!}

docs/integration/categories/endpoint/trend_micro_vision_one_workbench.md

@@ -18,26 +18,7 @@ This integration will ingest Workbench Alerts from Trend Micro Vision One.
 
 ## Configure
 
-### How to create an API token
-
-1. Log in the Trend Vision One console
-2. On the left panel, click `Administration` then click `API keys`
-
-    ![step 1](/assets/integration/cloud_and_saas/trend_micro_vision_one/01_administration.png)
-
-3.  Click `Add API key`
-
-    ![step 2](/assets/integration/cloud_and_saas/trend_micro_vision_one/02_create_api_key.png)
-
-4. Type a name for the API key
-5. Select the `SIEM` role and an expiration time
-6. Check `status` to enable the API key
-
-    ![step 3](/assets/integration/cloud_and_saas/trend_micro_vision_one/03_create_api_key.png)
-
-7. Copy the API key and click `Close`
-
-    ![step 4](/assets/integration/cloud_and_saas/trend_micro_vision_one/04_save_api_key.png)
+{!_shared_content/operations_center/integrations/trend_micro_vision_one_api_key.md!}
 
 ### Instruction on Sekoia
 

mkdocs.yml

@@ -363,6 +363,7 @@ nav:
       - Trellix EDR: integration/categories/endpoint/trellix_edr.md
       - Trend Micro Apex One: integration/categories/endpoint/trend_micro_apex_one.md
       - Trend Micro Vision One Workbench: integration/categories/endpoint/trend_micro_vision_one_workbench.md
+      - Trend Micro Vision One Observed Attack Techniques: integration/categories/endpoint/trend_micro_vision_one_oat.md
       - VMWare ESXi: integration/categories/endpoint/vmware_esxi.md
       - VMWare VCenter: integration/categories/endpoint/vmware_vcenter.md
       - Windows: integration/categories/endpoint/windows.md