What are the types of notifications and when are they sent?

Article: HOWTO81339 | Created: 2012-10-25 | Updated: 2014-09-21 | Article URL: http://www.symantec.com/docs/HOWTO81339
Article Type: How To




Symantec Endpoint Protection Manager provides notifications for administrators. You can customize most of these notifications to meet your particular needs. For example, you can add filters to limit a trigger condition only to specific computers. Or you can set notifications to take specific actions when they are triggered.

By default, some of these notifications are enabled when you install Symantec Endpoint Protection Manager. Notifications that are enabled by default are configured to log to the server and send email to system administrators.

See Managing notifications

See How upgrades from another version affect notification conditions

Table: Preconfigured notifications

Notification

Description

Client list changed

This notification triggers when there is a change to the existing client list.

Client list changes can include:

  • The addition of a client

  • A change in the name of a client

  • The deletion of a client

  • A change in the hardware of a client

This notification is enabled by default.

Client security alert

This notification triggers upon any of the following security events:

  • Network Threat Protection events

  • Traffic events

You can modify this notification to specify the type, severity, and frequency of events that determine when these notifications are triggered.

Some of these occurrence types require that you also enable logging in the associated policy.

Download Protection content out-of-date

Alerts the administrators about out-of-date Download Protection content. You can specify the age at which the definitions trigger the notification.

IPS signature out-of-date

Alerts the administrators about out-of-date IPS signatures. You can specify the age at which the definitions trigger the notification.

Licensing issue: Paid license expiration

This notification alerts administrators and, optionally, partners, about the paid licenses that have expired or that are about to expire.

This notification is enabled by default.

Licensing issue: Over-deployment

This notification alerts administrators and, optionally, partners, about over-deployed paid licenses.

This notification is enabled by default.

Licensing issue: Trial license expiration

This notification alerts administrators about expired trial licenses and the trial licenses that are due to expire in 60, 30, and 7 days.

This notification is enabled by default if there is a trial license. It is not enabled by default if your license is due for an upgrade or has been paid.

This notification is enabled by default.

New risk detected

This notification triggers whenever virus and spyware scans detect a new risk.

New software package

This notification triggers when a new software package downloads or when one of the following occurs:

  • LiveUpdate downloads a client package.

  • The management server is upgraded.

  • The console manually imports client packages.

You can specify whether the notification is triggered only by new security definitions, only by new client packages, or by both. By default, the Client package setting option is enabled and the Security definitions option is disabled for this condition.

The New client software notification is enabled by default.

Risk outbreak

This notification alerts administrators about security risk outbreaks. You set the number and type of occurrences of new risks and the time period within which they must occur to trigger the notification. Types of occurrences include occurrences on any computer, occurrences on a single computer, or occurrences on distinct computers.

This notification condition is enabled by default.

Server health

Server health issues trigger the notification. The notification lists the server name, the health status, the reason, and the last online or offline status.

This notification is enabled by default.

Single risk event

This notification triggers upon the detection of a single risk event and provides details about the risk. The details include the user and the computer involved, and the actions that the management server took.

SONAR definition out-of-date

Alerts the administrators about out-of-date SONAR definitions. You can specify the age at which the definitions trigger the notification.

System event

This notification triggers upon certain system events and provides the number of such events that were detected.

System events include the following events:

  • Server activities

  • System errors

Virus definitions out-of-date

Alerts the administrators about out-of-date virus definitions. You can specify the age at which the definitions trigger the notification.

This notification is enabled by default.
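
The Risk outbreak condition in the table above combines an occurrence count, a time period and an occurrence type. The following Python is an added example, not Symantec code, that evaluates the three occurrence types over constructed events; the function name, the event layout and the exact counting semantics of each type are assumptions.

```python
from collections import Counter, deque
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, computer, risk name).
# These are illustrative values, not real management server log data.
EVENTS = [
    (datetime(2014, 9, 1, 10, 0), "PC-01", "Trojan.Sample"),
    (datetime(2014, 9, 1, 10, 5), "PC-01", "Trojan.Sample"),
    (datetime(2014, 9, 1, 10, 10), "PC-02", "Trojan.Sample"),
    (datetime(2014, 9, 1, 10, 50), "PC-01", "Trojan.Sample"),
    (datetime(2014, 9, 1, 12, 30), "PC-03", "Trojan.Sample"),
]


def outbreak_times(events, threshold, window, mode):
    """Return the timestamps at which the outbreak condition is met.

    mode (assumed semantics; the page only names the three types):
      "any"      - threshold events in the window, counted across all computers
      "single"   - threshold events in the window on one computer
      "distinct" - events in the window on threshold different computers
    """
    if mode not in ("any", "single", "distinct"):
        raise ValueError("unknown occurrence type: %r" % mode)
    recent = deque()  # events inside the sliding window, oldest first
    hits = []
    for ts, host, _risk in sorted(events):
        recent.append((ts, host))
        # Drop events older than the time period that ends at this event.
        while ts - recent[0][0] > window:
            recent.popleft()
        per_host = Counter(h for _, h in recent)
        if mode == "any":
            value = len(recent)
        elif mode == "single":
            value = max(per_host.values())
        else:
            value = len(per_host)
        if value >= threshold:
            hits.append(ts)
    return hits


if __name__ == "__main__":
    for mode in ("any", "single", "distinct"):
        print(mode, outbreak_times(EVENTS, 3, timedelta(hours=1), mode))
```

With a threshold of 3 in one hour, the same five events meet the condition twice under "any", once under "single" and never under "distinct", which is why the occurrence type matters as much as the count when tuning this notification.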


