Open menu

Real-Time Threat Monitoring settings


Main Dashboard > Select {Account} > Settings > Real-time monitoring settings > Update real-time settings

The Real-Time Threat Monitoring (RTM) settings allows you to install or update what is being live monitored in Trend Micro Cloud One™ – Conformity - once this stack has been created or modified, any event in the AWS account will be registered on the RTM event dashboard. We provide both Powershell and Bash scripts to set up the monitoring dashboard.

User Access

Real-Time Threat Monitoring Setup Requirements

On Linux you can install through the installer script. The script will download and install the latest version of Conformity Threat Monitoring on your AWS account.

  • Ensure CloudTrail is enabled. For details, see:CloudTrail Enabled
  • Install the latest(or 2.0.53 and later) AWS Command Line Interface version 2: For details, see: Installing the AWS CLI
  • Export your Access Key and Secret Access Key: For details, see: Configuring the AWS CLI



The keys used must belong to a user with access to:

  1. AWS CloudFormation
  2. AWS IAM Role
  3. AWS Lambda Function
  4. AWS Events Rule
  5. AWS Lambda Permission

  • Or switch your AWS profile

    export AWS_PROFILE=your-account-profile

Real-Time Threat Monitoring Setup

  1. To create or update Conformity Threat Monitoring, open a command prompt, copy the specifically generated command line for you and run it on your command-line interface.

    curl -L | bash -s

  2. After finishing the installation, open CloudFromation console ( and verify the status of CloudConformityMonitoring stack is CREATE_COMPLETE or UPDATE_COMPLETE when updating.
    The stack creation might take a while to complete.
  3. The above stack will create a series of CloudWatch Event Rules to monitor changes within your AWS account, and sends them to Conformity to ingest and process. You can view updates on Conformity in near real-time on the Real-time monitoring dashboard of your Conformity account.

  • You can re-run the same command to update your stack to get the latest updates from Conformity.
  • To delete Conformity Threat Monitoring from your account, open a command prompt or shell and run the following command.

curl -L | bash -s

Set up RTM Event Monitoring Dashboard

  1. You can set up RTM event monitoring dashboard by using:
    1. either Bash script
    2. or Powershell script