4 Replies Latest reply on Apr 19, 2012 8:47 AM by jha

    Automatic Responses - Action "Send Email" not working

      Hello all,

       

      I am running ePO 4.6 on WS2008 R2.  I have created a new Automatic Response to send an email notification when a non-authorised device is connected to an endpoint.  The actual DLP Plug and Play rule is working as expected, the events are reported back to the ePO server as expected.

       

      The Automatic Response is specified as follows:

      Description:

      event group: ePO Notification Events

      event type: threat

      status: enabled

       

       

      Filter:

      detecting product name = Data Loss Protection

      threat type = DEVICE_PLUG

      threat handled = True

      threat handled = false

      threat event ID contains 19015

       

       

      Aggregation:

      trigger this response for every event

       

       

      Actions:

      Send Email.

      Recipients: *******@******.com

      Importance: High

      Subject:  Un-authorised Device has been detected.

      Body:

      {listOfDetectedUTC}

      {listOfTargetHostName}

      {listOfTargetUserName}

       

      The default Automatic responses work fine, as does the test email function within the server settings, so I am sure this is either an issue with the software, or an issue with the automatic response that I have created.

       

      I have a support case opened, just wondering if anyone else has seen similar issues?

       

      Cheers

       

      Jonathan