Endpoint Protection Small Business Edition

Who gets the email alert in the applications control? We are not recieving the alerts.

Thanks

We are getting emails about virus defs and System Event Notifications just not the application control rules.

Thanks

Exact SEPM version?

Do you have the alert configured under Monitors >> Notifications >> Notification Conditions >> Add >> Client Security Alert >> Application Control events

12.1.6306.6100 and yes we have client security alert and device control alers set.

Thanks,

And this was working as expected prior to just recently? Did something change?

I dont think that it was ever working since I took over administration of the Symentc servers.

Is the Application Control rule working at all? You can check it at the client (View Logs > Client Management > Control Log) or at the SEPM (Monitors > Logs > Application and Device Control > [Log Content] Application Control > Advanced Settings > [Event Type] Application Control Rules).

As Brian says, you have to configure the alert. By default, the condition and the damper settings are set with the goal to bother the admin not too much. You could set "condition" to "1 occurrences within 1 minutes" and the damper to "None" to increase the sensitivity of the alerts:

In this setting above every Application Control event will trigger a notification and an email, not only until 3 events will happen within 1 minute.