Does anyone have experience getting Trellix Malware Events into InsightIDR?
Trellix has an API pull, InsightIDR does not have a connector, and if we were to
create a script to pull, the format of the data would not be recognized as a Malware event.
Might it be an option to look into Syslog and make a listener on the IDR collector? See documentation in link below.
Configure the syslog settings (trellix.com)