Hi Dddoe,
Do you mean that you wish for SAVFL just take the action of "log only" when a threat is identified-?
Is there any specific reason that you wish for this "log only" action (fear that certain files will be detected in error/ False Positive)? I really recommend leaving the actions at the default so that any malicious files are quarantined or deleted.
Regarding emails.... It is possible to configure SAVFL with SAVFL Reporter to send logs about detections to the SEPM. The SEPM can then be configured to create notifications that are emailed to admins or other addresses.
Hope this helps!
Mick