Creating Customized Alerts



Hello. You have arrived at an outdated topic. Please click this link to be redirected to the updated Endpoint Protection Admin Guide.

You can customize the alert messages sent to a distribution list for the following types of events:

  • Infection Detected — An immediate message sent when an endpoint reports an infection.
  • Endpoint Installed — An immediate message sent as soon as SecureAnywhere is installed on an endpoint and it reports into the Management Portal.
  • Infection Summary — A summary message that provides an overview of threats detected on endpoints. The summary can be scheduled for a daily, weekly, or monthly distribution.
  • Install Summary — A summary message that provides an overview of SecureAnywhere installations. The summary can be scheduled for a daily, weekly, or monthly distribution.

You can use the Create Alert wizard to define the messages and a distribution list, as described in this topic. You can also define a distribution list separately, as described in Creating a Distribution List.

To create a customized alert:

  1. From the main console, click the Alerts tab.



    The Alerts panel displays.



  2. From the Command bar, click the Create button.



    The Create Alert window displays.



  3. From the Alert Type drop-down menu, select an alert type.



  4. In the Alert Name field, enter a name for this alert.



  5. If you selected Threat Summary or Install Summary as the alert type, the Frequency field displays. Select the frequency for sending alerts
    • Daily
    • Weekly
    • Monthly
  6. Click the Next button.



    The Step 2 window displays.



  7. Select one of the following radio buttons to determine the list of recipients that you want to alert:
    • If you already created a distribution list, click Use existing list.



    • If you have not yet created a distribution list, click Create new list, enter a list name, then enter the email addresses.



  8. When you're done, click the Next button.
    The Step 3 window displays.



  9. In the Email title field, enter the subject head for the message.



  10. In the Email message body field, enter the text for the message.



  11. The wizard also provides data inputs within the text, which are variables you can use for automatically inserting such information as the hostname of the endpoint. Some data inputs are already displayed for you in the sample text. Data inputs are shown in brackets.
    To add your own data inputs, click inside the text where you want a variable to appear, then click the drop-down arrow for one of the Data Inputs buttons. There is one button for the email title and one for the email body body.
  12. Select from the data inputs, which are all described in the following table.
    Note: Depending on the type of alert message you are defining, only the applicable data inputs appear in the drop-down menu.
    DATA INPUTDESCRIPTION
    Hostname The name of the endpoint triggering the alert.
    Group Name The group assigned to the endpoint triggering the alert.
    Group Description A description of the group assigned to the endpoint triggering the alert.
    Policy Name The policy assigned to the endpoint triggering the alert.
    Keycode The keycode used for the endpoint triggering the alert.
    Current User The user of the endpoint triggering the alert.
    Console Name The name of the Console where the endpoint is included.
    First Seen The date and time when this event was first detected.
    Last Seen The date and time when this event was last detected.
    Last Infected The date and time the endpoint triggering the alert was last infected.
    Operating System The operating system version on the endpoint triggering the alert.
    Agent Version The version number of the SecureAnywhere software installed on the endpoint triggering the alert.
    MAC Address The Media Access Control (MAC) address on the network where the endpoint triggering the alert is installed.
    Workgroup The network workgroup where the endpoint is located, if any.
    Active Directory The name of the Active Directory.
    Infection List A list of infections.
    Infection Summary A summary of the infections.
    Install Summary A summary of the SecureAnywhere installations.
    Note: The following data points are unsupported in the Mac agent:
    • Workgroup
    • Active Directory
  13. To view the email message, click Preview.
  14. When you are done creating the message, click Finish.