I have recently upgraded my EPO to 4.5. In Automatic responses I have Malware detected and not handled. On the filter page, I have selected Threat Category: Belongs to, Malware detected and Threat detected: Equals, True. My question is whether the Threat detected should be True or False? My intention is to get an email alert when the virus is detected and not handled by the VSE 8.5 or 8.7. Please advise.
Thanks. I have modified the Threat handled to false. Today I found some events in the Threat event log and haven't received any email notification, though the threat handled is showing as false. I have attached the doc for your reference.
I have the same issue here. I set up "Malware detected and not handled" and I am not getting email notifications.
Here is how I set up "Malware detected and not handled":
|Name:||Malware detected and not handled|
|Description:||Sends an e-mail notification when "Malware detected and not handled" events are received.|
|Event:||Event group: ePO Notification Events; Event type: Threat|
|Aggregation:||Trigger this response for every event.|
|Grouping:||Do not group aggregated events.|
|Throttling:||This response will be triggered at most once every 15 minutes|
|Actions:||1: Send Email|