Video Screencast Help

About Alert

Created: 10 Jun 2013 | 4 comments

 We created Single Risk Event notification, and set the tamper to 20 mins. When we received the "Single Risk Event", there will be another email with subject "CRITICAL: NETWORK VIRUS DETECTED" received 10 mins after every "Single Risk Event" email.
May I know what  type of notification or report setting define and trigger "CRITICAL: NETWORK VIRUS DETECTED" email?
Is this a notification or report?
If it is a report, how can it be generated in 10 mins after each notification, and be received many times in 1 day? As I know, report can only be sent once per day. Thanks

Operating Systems:

Comments 4 CommentsJump to latest comment

pete_4u2002's picture

what is the SEPM version?

disable the notifications that have been set.

Chetan Savade's picture


There are two weekly scheduled reports & seven pre-defined notifications configured by Symantec.

Delete the notification and recreate it & check whether it makes any difference or not?

This is the only notifcation showing incorrect information?

Schedule Reports location: SEPM --> Reports --> Scheduled Reports

Predefined Notifications location:

SEPM--> Monitors--> Notifications --> View Notifications --> Notifications Conditions

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Mithun Sanghavi's picture


What version of SEP 12.1 are you running?

Symantec is aware about this issue. The Issue seems to have been resolved in the SEP 12.1 RU2

Check this Article:

Single risk event notifications generate duplicate emails once every three minutes.

Meanwhile could you check with following workaround:

Can you set the value of securitynotifytask.notifcation.interval to 59 in

Default Location of C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\

Add the following line to


This change should create delay in multiple email response.

Check these Threads -

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Mick2009's picture

"Thumbs up" to Mithun- notifications have been working pretty well for me in recent builds of SEP.

The most important thing to check as an admin, of course, is what threats are being detected in your environment and if they are being completely cleaned.  Check those notificatiosn and reports daily to ensure that the SEP clients are keeping your organization safe.

With thanks and best regards,