New Risk Found Report - 12.1 RU1
Created: 22 Feb 2012 | 6 comments
Hi Everyone,
This might be an easy question. I can't seem to find the "New Risk Found" report in the SEPM. I've checked - Monitors>Notifications>Notification Conditions. I wanted to added a couple of new e-mail addresses to the report.
In the mean time, I created a new report - single event risk event and sent the e-mail to the required addresses. It works, but I figured I would throw this out there. Thanks for the help!
Mike
Discussion Filed Under:
Comments
Report or notification?
You say you want a report, but under Monitors > Notifications, you can only create notifications. Notifications are event-driven, scheduled reports are, well, scheduled.
Under Reports > Scheduled reports > Add ... , you can configure a scheduled report like this: Risk report/New Risks Detected in the Network.
Creating administrator
Creating administrator notifications
http://www.symantec.com/business/support/index?page=content&id=HOWTO27256
How notifications work
http://www.symantec.com/business/support/index?page=content&id=HOWTO55051
Solution
1. Connect to SEPM
2. Go to "Monitors"
3. Go to "Notifications" tab
4. Click on "Notification Conditions" button at the bottom of the console
5. Click on "Add..." and select "Client Security Alert"
6. In the top of the new window, specify condition name, filtering settings (optional) and outbreak type
7. Check "Application Control Events"
8. Specify condition and damper settings
9. Check "Send email to:" and type email address to use
10. Validate
NOTE: more details available regarding each setting by clicking on "Help" button at the bottom of the window
Thank you for information. I
Thank you for information. I understand. The issue that I'm having is the "New Risk Found" notification isn't listed here - SEPM->Monitors->Notifications>Notification Conditions. But, the notification is being sent on a risk event. Is there another place I can check?
Mike
In SEP 12.1 the notification
In SEP 12.1 the notification "Risk outbreak" is enabled by default. Perhaps that's the reason for your notification.
Or take a look at Monitors > Notifications, change an appropriate time range, click View Notifications, search for the "New Risk Found" (or soemthing like this) notification and click on the report symbol.
check the notification name
check the notification name you receiving it.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
None of the above helps me
In my SEPM there is a Notification named "New Risk" in the Notification Conditions. Its Actions are specified to email *another* SEPM administrator and to Log. When I look at the Notification list going back 24 hours or one week, it lists only those notifications that this other SEPM admin created - there are none showing as created by me or for me.
I even edited his notification and checked to see whether email to system admin was checked or not. I found nothing other than his email address and the log.
So there must be another explanation as to why I am receiving these "New Risk Found" emails. They appear to be in the formatted SEPM report style. I checked Reports and found no report called "New Risk Found."
I am dumbfounded and a little steamed...
Rich
Would you like to reply?
Login or Register to post your comment.