- Go to Administration > Notifications > Outbreak.
- In the Criteria tab:
- Go to the Virus/Malware and Spyware/Grayware sections:
- Specify the number of unique sources of detections.
- Specify the number of detections and the detection period for each security risk.
Apex One sends the notification after receiving 101 virus/malware detections within a 24-hour period.
- In the Criteria tab:
- Go to the Shared Folder Sessions section.
- Select Monitor shared folder sessions on your network.
- In Shared folder sessions recorded, click the number link to view the endpoints with shared folders and the endpoints accessing the shared folders.
- Specify the number of shared folder sessions and the detection period.
Apex One sends a notification message when the number of shared folder sessions is exceeded.
- In the Email tab:
- Go to the Virus/Malware Outbreaks, Spyware/Grayware Outbreaks, and Shared Folder Session Outbreaks sections.
- Select Enable notification via email.
- Specify the email recipients.
- Accept or modify the default email subject and message.
You can use token variables to represent data in the Subject and Message fields.
Table 1. Token Variables for Security Risk Outbreak Notifications Variable
Description
Virus/Malware outbreaks
%CV
Total number of viruses/malware detected
%CC
Total number of endpoints with virus/malware
Spyware/Grayware outbreaks
%CV
Total number of spyware/grayware detected
%CC
Total number of endpoints with spyware/grayware
Shared folder session outbreaks
%S
Number of shared folder sessions
%T
Time period when shared folder sessions accumulated
%M
Time period, in minutes
- Select additional virus/malware and spyware/grayware information to include in the email. You can include the agent/domain name, security risk name, date and time of detection, path and infected file, and scan result.
- Accept or modify the default notification messages.
- In the SNMP Trap tab:
- Go to the Virus/Malware Outbreaks and Spyware/Grayware Outbreaks sections.
- Select Enable notification via SNMP trap.
- Accept or modify the default message. You can use token variables to represent data in the Message field. See Table 1 for details.
- In the NT Event Log tab:
- Go to the Virus/Malware Outbreaks and Spyware/Grayware Outbreaks sections.
- Select Enable notification via NT Event Log.
- Accept or modify the default message. You can use token variables to represent data in the Message field. See Table 1 for details.
- Click Save.
Parent topic: Security Risk Outbreak Criteria and Notifications