[trend_micro_vision_one] Add Support for Endpoint Activity and Network Activity Data Streams

packages/trend_micro_vision_one/_dev/build/docs/README.md

@@ -2,20 +2,24 @@
 
 ## Overview
 
-The [Trend Micro Vision One](https://www.trendmicro.com/en_in/business/products/detection-response.html) integration allows you to monitor Alert, Audit, Detection and Telemetry activity. Trend Micro Vision One refers to the ability to do detection and response across email, endpoints, servers, cloud workloads, and networks via a single Trend Micro Vision One platform or the managed Trend Micro Vision One service.
+The [Trend Micro Vision One](https://www.trendmicro.com/en_in/business/products/detection-response.html) integration allows you to monitor Alert, Audit, Detection, Endpoint activity, Network activity, and Telemetry activity. Trend Micro Vision One refers to the ability to do detection and response across email, endpoints, servers, cloud workloads, and networks via a single Trend Micro Vision One platform or the managed Trend Micro Vision One service.
 
 Use the Trend Micro Vision One integration to collects and parses data from the REST APIs. Then visualize that data in Kibana.
 
 ## Data streams
 
-The Trend Micro Vision One integration collects logs for four types of events: Alert, Audit, Detection and Telemetry.
+The Trend Micro Vision One integration collects logs for four types of events: Alert, Audit, Detection, Endpoint activity, Network activity, and Telemetry.
 
 **Alert** Displays information about workbench alerts. See more details in the doc [here](https://automation.trendmicro.com/xdr/api-v3#tag/Workbench/paths/~1v3.0~1workbench~1alerts/get).
 
 **Audit** Displays log entries that match the specified search criteria. See more details in the doc [here](https://automation.trendmicro.com/xdr/api-v3#tag/Audit-Logs).
 
 **Detection** Displays search results from the Detection Data source. See more details in the doc [here](https://automation.trendmicro.com/xdr/api-v3#tag/Search/paths/~1v3.0~1search~1detections/get).
 
+**Endpoint activity** Displays search results from the Endpoint activity Data source. See more details in the doc [here](https://automation.trendmicro.com/xdr/api-v3/#tag/Search/paths/~1v3.0~1search~1endpointActivities/get).
+
+**Network activity** Displays search results from the Network activity Data source. See more details in the doc [here](https://automation.trendmicro.com/xdr/api-v3/#tag/Search/paths/~1v3.0~1search~1networkActivities/get).
+
 **Telemetry** Displays telemetry events from the Datalake Pipeline API. See more details in the doc [here](https://automation.trendmicro.com/xdr/api-v3/#tag/Datalake-Pipeline).
 
 
@@ -39,12 +43,14 @@ This module has been tested against `Trend Micro Vision One API version 3.0`.
     - **Name**: A meaningful name that can help you identify the API key.
     - **Role**: The user role assigned to the key. API keys can use either predefined or custom user roles. Custom roles can be created by navigating to **Administration -> User Roles -> Add Role**. The role must have appropriate API access permission to fetch relevant data. The following table outlines the access permissions to apps and features needed to fetch relevant data from Trend Vision API.
 
-        | Datastream   | Section                                                      | Permissions                                        |
-        |--------------|--------------------------------------------------------------|----------------------------------------------------|
-        | Alert        | Platform Capabilities > XDR Threat Investigation > Workbench | `View, filter, and search`.                        |
-        | Audit        | Settings > Administration > Audit Logs                       | `View, filter, and search`, `Export and Download`. |
-        | Detection    | Platform Capabilities > XDR Threat Investigation > Search    | `View, filter, and search`.                        |
-        | Telemetry    | Platform Capabilities > XDR Threat Investigation > Search    | `View, filter, and search`.                        |
+        | Datastream        | Section                                                      | Permissions                                                  |
+        |-------------------|--------------------------------------------------------------|--------------------------------------------------------------|
+        | Alert             | Platform Capabilities > XDR Threat Investigation > Workbench | `View, filter, and search`.                                  |
+        | Audit             | Settings > Administration > Audit Logs                       | `View, filter, and search`, `Export and Download`.           |
+        | Detection         | Platform Capabilities > XDR Threat Investigation > Search    | `View, filter, and search`.                                  |
+        | Endpoint activity | Agentic SIEM and XDR > XDR Data Explorer                     | `View queries and Watchlist, and filter and search queries`. |
+        | Network activity  | Agentic SIEM and XDR > XDR Data Explorer                     | `View queries and Watchlist, and filter and search queries`. |
+        | Telemetry         | Platform Capabilities > XDR Threat Investigation > Search    | `View, filter, and search`.                                  |
 
         Refer to [Account Role Permissions](https://automation.trendmicro.com/xdr/Guides/Authentication) for more details.
 
@@ -93,6 +99,26 @@ This is the `detection` dataset.
 
 {{fields "detection"}}
 
+### endpoint activity
+
+This is the `endpoint activity` dataset.
+
+#### Example
+
+{{event "endpoint_activity"}}
+
+{{fields "endpoint_activity"}}
+
+### network activity
+
+This is the `network activity` dataset.
+
+#### Example
+
+{{event "network_activity"}}
+
+{{fields "network_activity"}}
+
 ### telemetry
 
 This is the `telemetry` dataset.