• Email
• Phone number
• Contact names
• IP Address

Optional: Free-Form Text field for customer user to provide additional information at their discretion. Please do not enter any personal or sensitive information.

Optional- Customers may submit feature requests and ideas to the Trend Micro XDR Product team. Please do not input any personal or sensitive information into the feedback form.

• Make a Suggestion

• Names (user, domain, file, object)
• UserID
• Email addresses
• IP addresses
• Browsing history
• Command history

Optional: User can save the search parameters for future queries.

• Endpoint name
• IP address
• Mac address

After customers agree to the Terms of Service, Privacy Notice and DataCollection Notice, the data collection can’t be disabled

To enable: Trend Micro XDR Terms of Service > I agree to the Terms of Service, Privacy Notice, and Data Collection Notice > Get Started

To disable: Open Task Scheduler on each endpoint and disable the "Trend Micro Endpoint Basecamp" scheduled task.

Run Windows Task Scheduler > Click Task Scheduler Library > right-click Trend Micro Endpoint Basecamp > Disable

• Account name
• User display name
• Group name
• User membership
• Mailbox account
• Email address

The data collection can't be disabled when customers use Email Inventory.

• To enable: Email Inventory > configure the following:
  • Use the Exchange Web Service Managed API for quarantine management
  • Use the Graph API to access all mailboxes
  • Access the user profiles and mailboxes
• To disable: Click the Help icon > Contact Support, and open a support ticket.

  

• Command line
• File name
• File owner
• File signer
• Host name
• IP address
• Process owner
• Registry data
• User name
• URL
• Windows event log

• To enable: Endpoint Inventory > Available endpoints tab > [select endpoint] > Enable

  

• To Disable: Endpoint Inventory > Reporting to XDR tab > [select endpoint] > Disable

Data transmitted relates to sign-on activities.

• User information

  • userID
  • userDisplayName
  • userPrincipalName
  • ipAddress
  • location (city, state and country)
  • mailAddress
  • jobTitle
  • department
  • givenname
  • surname
  • mailNickname
  • imAddresses
• application being used (appID, appDisplayName ,clientAppUsed)
• createdDateTime
• devicedetail (browser and OS)

Contact Trend Micro Technical Support to turn off data transmission in order to prevent collecting logs in the future.

Data transmitted relates to an access to a URL (an event).

• Eventhour : the time the event happens.
• Src : IP address from where the event is initiated.
• Hostname : from where the event is initiated.
• Website : the URL
• Count : times of the access (aggregated)
• Username : user who initiates the event.

Contact Trend Micro Technical Support to turn off data transmission in order to prevent collecting logs in the future.