cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
User16096767
User16096767
Level 10
Report Inappropriate Content
Message 1 of 2
‎02-11-2019 08:20 AM

Email Notification

Hi All,

we are seeing email notification for "EICAR test file" So, I checked Email notification settings and it shows  the filter is set 

Contains   "EICAR test file". Is it important to have it filtered  Contain or not contain? 

If the file is deleted why are we seeing the same alert every three hours?

Also, the user is root, I wasn't able to check if anyone is testing to confirm the legitimatcy  of EICAR testing.

0 Kudos
Reply
1 Reply
Highlighted
cdinet
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 2
‎02-11-2019 09:02 AM

Re: Email Notification

I would look at what system or systems is generating that alert.  Alert settings are your choice for how they are set up and what you want alerted on, so if you don't want to see those, you can disable it.  Most people use that for testing the alerting, then turn it off. 

If nobody is doing any testing, see if that system generating the alert has a policy setting to deny access to the file - in that case, it might not get deleted and might still trigger a detection.  Get with the VSE or ENS team for any assistance with that.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

0 Kudos
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator