About alert notifications for out-of-date virus definitions

Article:HOWTO82485  |  Created: 2012-11-30  |  Updated: 2014-06-25  |  Article URL http://www.symantec.com/docs/HOWTO82485
Article Type
How To



About alert notifications for out-of-date virus definitions

Mail Security provides the following methods for notifying administrators when virus definitions are older than the configured number of days.

  • An alert notification email is sent to the administrator.

  • An event is logged in the system's event log with event ID 404.

Mail Security checks at least once a day whether the current virus definitions are latest or out of date. If virus definitions are found outdated, then Mail Security sends an email notification to the administrator. Mail Security continues to send periodic notifications until it gets a new definition set.

Administrator can specify the frequency of sending notifications when an old definition is found. By default, an email notification is sent to the administrator after every six hours. Administrator can set the frequency of sending notifications at an hour-level granularity.

Administrator can configure the number of days an outdated virus definition can remain on the system after which an alert notification is sent. This configuration is done by specifying values for the registry keys DefsMonitorDaysThreshold and DefsMonitorResendIntervalInHr

The path for these registry keys for 32-bit platform is: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\7.5\Server\ Components\LiveupdateConfig

The path for these registry keys for 64-bit platform is: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\SMSMSE\ 7.5\Server\ Components\LiveupdateConfig

Table: Registry key settings lists the registry keys for this feature, their data types, and possible values.

Table: Registry key settings

Registry key

Data type

Purpose

DefsMonitorDaysThreshold

REG_DWORD

Specifies the number of days after which a definition is considered as old and a notification is sent to the administrator.

The default value of this registry key is two days. If the value of the registry key is set to zero, then administrator is not notified about the old virus definitions. The minimum value of this registry key is two.

DefsMonitorResendIntervalInHr

REG_DWORD

Specifies the interval (in hours) at which a notification is sent to the administrator.

The default value of this registry key is six hours. The minimum value of this registry key is one.

Note:

With this feature, Mail Security has discontinued using the older mechanism of sending alerts on LiveUpdate failure.


Legacy ID



v49952370_v82634657


Article URL http://www.symantec.com/docs/HOWTO82485


Terms of use for this information are found in Legal Notices