How to define rules on SEP12 to trigger alerts
Created: 17 Jan 2013 | 3 comments
Hi all ,
Do you know how to define rules on SEP12 to trigeer alerts?
I want to get two rules:
Rule one - Virus outbreak by number of infected computers
Found 5 or more infected computer(s) in 20 minute(s).
Rule Two – Virus Outbreak
Found more than 5 viruses in 10 minutes
Discussion Filed Under:
Comments 3 Comments • Jump to latest comment
Hi,
It's not Possible in sepm.
You can set minimum 1 hour’s interval all infected system detail not specify (Less than more than)
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
I don't think SEPM can fulfill you requirement, but you can try this
http://www.symantec.com/business/support/index?pag...
Regard's
Ajit Jha
Technical Consultant
ASC & STS
Please have a look at how the event log forwarding and damper settings work:
http://www.symantec.com/docs/TECH104921
You can set the trigger for a specific amount of occurences (detections) within specified timeframe. The Event notification will depend on damper settings - minimum is 20 minutes, auto is 1 hour.
Would you like to reply?
Login or Register to post your comment.