diff --git a/Trend Micro/trend-micro-vision-one-oat/ingest/parser.yml b/Trend Micro/trend-micro-vision-one-oat/ingest/parser.yml
index 20e6e7552..4df78b029 100644
--- a/Trend Micro/trend-micro-vision-one-oat/ingest/parser.yml
+++ b/Trend Micro/trend-micro-vision-one-oat/ingest/parser.yml
@@ -41,6 +41,7 @@ stages:
 event.end: "{{parsed_event.message.detail.lastSeen | to_rfc3339}}"
 event.provider: "{{parsed_event.message.pname}}"
 event.reason: "{{parsed_event.message.description}}"
+ event.dataset: "{{parsed_event.message.source}}"
 host.id: "{{parsed_event.message.detail.endpointGuid}}"
 host.os.name: "{{parsed_event.message.detail.osName}}"
diff --git a/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_1.json b/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_1.json
index d5d205d40..9edfd67c2 100644
--- a/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_1.json
+++ b/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_1.json
@@ -8,6 +8,7 @@
 "category": [
 "intrusion_detection"
 ],
+ "dataset": "endpointActivityData",
 "end": "2022-04-12T23:43:15Z",
 "start": "2022-04-12T23:43:15Z",
 "type": [
diff --git a/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_2.json b/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_2.json
index 75fff3679..72fd5d18c 100644
--- a/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_2.json
+++ b/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_2.json
@@ -8,6 +8,7 @@
 "category": [
 "intrusion_detection"
 ],
+ "dataset": "endpointActivityData",
 "end": "2024-11-26T16:45:02.571000Z",
 "start": "2024-11-26T16:45:02.571000Z",
 "type": [
diff --git a/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_3.json b/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_3.json
index fb5a2d23f..346af1c39 100644
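Review bot: `event.dataset` is filled from `parsed_event.message.source` verbatim, and all three updated fixtures expect the same value, `endpointActivityData`, so the tests do not show what the parser emits when `source` is missing or holds a different value. A fixture without `source` would pin whether the field is omitted or left empty, which matters to detection rules that filter on `event.dataset`. ECS suggests, without requiring, a `module.dataset` style name, so I would document the choice above the new line, for example `# event.dataset carries the raw Vision One source value, not an ECS module.dataset name`. The enclosing `stages:` mapping begins and ends outside this hunk.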
--- a/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_3.json
+++ b/Trend Micro/trend-micro-vision-one-oat/tests/test_observed_attack_technique_3.json
@@ -8,6 +8,7 @@
 "category": [
 "intrusion_detection"
 ],
+ "dataset": "endpointActivityData",
 "end": "2024-11-26T16:45:03.446000Z",
 "start": "2024-11-26T16:45:01.774000Z",
 "type": [