Alert Notification Message Tokens

The user name of the account that Deep Discovery Email Inspector locks

Where allowed:

Examples:

The action that Deep Discovery Email Inspector took on the processed message

Where allowed:

Examples:

The average time in minutes it takes to queue and analyze messages in the past hour

Where allowed:

Examples:

The list of components.

Where allowed:

Examples:

The Deep Discovery Email Inspector management console URL.

Where allowed:

Example:

The maximum CPU usage as a percentage allowed before Deep Discovery Email Inspector sends an alert notification

Where allowed:

Examples:

The total CPU utilization as a percentage

Where allowed:

Examples:

The date and time that the Deep Discovery Email Inspector received the email message

Where allowed:

Examples:

The number of days before the product license for Advanced Threat Protection expires

Where allowed:

Examples:

The number of days before the product license for Gateway Module expires

Where allowed:

Examples:

The number of email messages in the deferred queue waiting for Deep Discovery Email Inspector to process.

Where allowed:

Example:

The number of email messages in the delivery queue waiting for Deep Discovery Email Inspector to process.

Where allowed:

Examples:

The number of messages detected with suspicious characteristics during the specified period of time

Where allowed:

Examples:

The maximum number of messages detected to have suspicious characteristics before Deep Discovery Email Inspector sends an alert notification

Where allowed:

Examples:

The IP address of the Deep Discovery Email Inspector appliance

Where allowed:

Example:

The host name of the Deep Discovery Email Inspector appliance

Where allowed:

Example:

Recommendations on how to resolve the issue

Where allowed:

The lowest amount of disk space in GB before Deep Discovery Email Inspector send an alert notification

Where allowed:

Examples:

The day the product license for Advanced Threat Protection expires

Where allowed:

Examples:

The day the product license for Gateway Module expires

Where allowed:

Examples:

%Interval%

The frequency that Deep Discovery Email Inspector checks the message processing volume in minutes

Where allowed:

Examples:

The current status of the product license for Advanced Threat Protection

Where allowed:

Examples:

For details, see Product License Status.

The current status of the product license for Gateway Module

Where allowed:

Examples:

For details, see Product License Status.

The Advanced Threat Protection product license type

Where allowed:

Examples:

The Gateway Module product license type

Where allowed:

Examples:

The maximum memory usage as a percentage allowed before Deep Discovery Email Inspector sends an alert notification.

Where allowed:

Example: 90

The total memory utilization as a percentage.

Where allowed:

Example: 90

The list of detected messages, which includes the risk level, threat name, action taken, message ID, recipients, sender, recipient, subject, top three most risky attachment details, and when the message was received.

This token also provides the names of detected threats for the following alert notifications:

Where allowed:

Examples:

==============
Risk: High (Suspicious 
File)
Action: Action set to
 'pass'
Threat Name: EMERGING-
THREAT_GENERIC.ERS|VAN
_DROPPER.UMXX
Message ID: <E1fk6FQ-0
0073X-Ns@funimo.com>
Recipients: relay@njrel
ay.itlab.trendmicro.com
Sender: aliconwamonic@ya
hoo.com
Subject: Our Order#65017
32
Attachment: 65017832.xls
 (Excel 95 or 97 spreads
heet), Company Profile.Z
IP(ZIP archive)
Detected: 2018-07-30 19:
41:23
================

================ 
Risk: Medium (Maliciou
s URL) 
Action:  Quarantined 
Threat Name: LOW-REPUT
ATION-URL_BLOCKED-LIST
.SCORE.WRS 
Message ID: <201809032
10849.3B4D93A06C9@ddei
155.localdomain
Recipients: bvt@ddei.co
m Sender: test@test.com
Subject: Te_%*s'<>?|\@~
$%^&#$!`~(=-+<>;:.){[]}
(`)+=-_t"ddd, Attachmen
t: (Link only)
Detected: 2018-09-03 21:
08:51
================

================
Message ID: <5C32BC03.
9090201@test.com>
Recipients: test@test.
com;test@test1.com
Sender: test@test.com
Subject: 1033
Attachment: (Link only)
DLP templates (Data id
entifiers): 
templateName (China: M
obile Phone Number )
Detected: 2019-02-25 01:
07:42
================

The list of unreachable MTAs. Each MTA appears as an IP address and the port number.

Where allowed:

Examples:

The total number of processed messages over the specified period of time

Where allowed:

Examples:

The maximum number of processed messages during the specified time frame before Deep Discovery Email Inspector sends an alert notification

Where allowed:

Examples:

The maximum number of messages in the delivery queue before Deep Discovery Email Inspector sends an alert notification

Where allowed:

Examples:

The maximum amount of time allocated for average sandbox processing before Deep Discovery Email Inspector sends an alert notification

Where allowed:

Examples:

The email message count in the sandbox queue waiting to be analyzed by Virtual Analyzer

Where allowed:

Examples:

The maximum number of messages in the sandbox queue before Deep Discovery Email Inspector sends an alert notification

Where allowed:

Examples:

%ServiceList%

The list of services affected by the connection issue

Where allowed:

Example:

%ServiceName%

The stopped Deep Discovery Email Inspector service

Where allowed:

Where allowed:

Example:

The total number of messages with unsuccessful DKIM signing

Where allowed:

Example: