Threat Type : None
Severity : Critical
Action Taken : none
User : useruser
Machine Name : egmachine
Virus Name : none
I have an automatic response configured to email me whenever a threat is detected by VSE 8.5 and the threat severity is either critical or emergency. Above is the body of an email I have since received several times. The machine name and username are different for different detections. Whenever I then scan the machine the threat is detected on, the only thing that shows up is cookies, if anything. What I am wondering is why threat type and virus name are 'none'? Also, is there a better way of configuring an automatic response to email me when a machine is infected with a serious threat (i.e. not just a cookie or a warning about a rule violation)?
Any assistance or advice greatly appreciated.
Currently running ePO 4.5, VSE 8.5 + antispyware, agent 4.0.
Personally I would disable the cookie detection notifications in the VSE policies first, as this will get rid of the possibly unwanted nagging about cookies. Also, these cookie detections will fill up an ePO database quickly. Once this is done, your current configuration should work just fine.
Not sure how to disable the cookie detection notifications, would be happy to do so.
Is it Policy Catalog - Product: VSE 8.5, Category: Alert policies - Alert Manager Options: Disable Alerting??? I'm worried that this will disable alerting for more serious threats rather than just cookies?