2 Replies Latest reply on Jul 9, 2012 3:30 PM by kenshiro2012

    ePO 4.5 (build 851) email notification

      In "automatic responses" I have "Malware detected and not handled" enabled (see attached picture for filter details).

      However, in all email notifications I receive, it says: "Action Taken: deleted" (see example below).

      I only want to receive messages when no action is taken.

       

      Example:

       

      ePolicy Orchestrator Notification

      Response Name: Malware detected and handled Event Type Name: Threat Defined at: My Organization System Location: xxx

      Description: Sends an e-mail notification when "Malware detected and not handled" events are received.

       

      Number of events: 1

      Source Computers: _

      Source IPV6 addresses: xxx

      Source IPV4 addresses: xxx

      Source User Name:

      Threat Names: xxx

      Threat Handled: true

      Detecting Product Names: VirusScan Enterprise

       

      =========

       

      Detecting Product: VIRUSCAN8700

      * Dat Version: 6743.0000

      * Detection Method: OAS

      * Engine Version: 5400.1158

      * Host Name: xxx

      * IPV4 Address: xxx

      * IPV6 Address: xxx

      * MAC Address:

      * Name: VirusScan Enterprise

      * Version: 8.7

       

      Agent GUID: xxx

      Event Description: Infected file deleted.

      OS Platform: xxx

      OS Type: xxx

      System Location: xxx

       

      Source:

      * Host Name: _

      * IPV4 Address: xxx

      * IPV6 Address: xxx

      * MAC Address:

      * Process Name:

      * URL:

      * User Name:

       

      Target:

      * File Name: xxx

      * Host Name: xxx

      * IPV4 Address: xxx

      * IPV6 Address: xxx

      * MAC Address:

      * Port: 0

      * Process Name:

      * Protocol:

      * User Name: xxx

       

      Threat:

      * Action Taken: deleted

      * Category: Malware detected

      * Event ID: 1027

      * Handled: true

      * Name: xxx

      * Severity: Alert

      * Type: Trojan