Information Technology Reference
In-Depth Information
TABLE 4-6
Endpoint Protection alert settings
Event
Description
Malware Is Detected
When you select this event, an alert is generated if malware is detected on
any computer within the collection. You can define the malware detection
threshold for the alert. Choose from the following options:
■
High - All Detections
An alert is generated whenever malware
is detected, regardless of the action the Endpoint Protection client
takes.
Medium - Detected, Pending Action
An alert is generated only
if one or more computers require a manual action to complete the
malware removal.
■
Low - Detected, Still Active
An alert is generated when there are
one or more computers in the collection on which detected malware
is still active.
■
The Same Type Malware Is
Detected On A Number Of
Computers
When you select this event, an alert is generated if the same malware has
been detected on a specified percentage of computers.
The Same Type Malware Is
Repeatedly Detected Within
The Specified Interval On A
Computer
When you select this event, an alert is generated if specific malware is
detected more than a specified number of times over a specified number
of hours.
Multiple Types Of Malware
Are Detected On The Same
Computer With The Specified
Interval
When you select this event, an alert is generated if more than a specified
number of malware types are detected over a specified number of hours on
computers in the monitored collection.
For each event, you also can specify the severity of the alert itself. Choose Critical,
Warning, or Information.
MORE INFO
CONFIGURING ALERTS
You can learn more about configuring alerts for Endpoint Protection in Configuration
EXAM TIP
Remember how antimalware policy priority works.
