1 Reply Latest reply: Jul 9, 2014 3:53 PM by Scott Sadlocha RSS





      I am trying to make a report with automatic response:


      The automatic reponse works fine  because i have it working for others .


      Anyway i am trying to create a report  that has a automatic reponse because of the following:


      - a computers has more then 10 malware events with in 1 hour -> send report

      - Or more then 10 computers are infected in 1 hour -> send report



      As a report filter i have:


      1. Event category belongs to malware detected




      trigger response 1 hour

      detected  distinct values 10


      or 25 number events


      every 15 min  throttling


      Any help?

        • 1. Re: Report
          Scott Sadlocha

          Bumping this post, because I would like to see the same thing as well. In the past I used Symantec, and it was very easy to set up alerts such as this. I would like to set this up in McAfee, where I could receive a notification if 1 system had 10 threat alerts in an hour, or if 10 systems have the same threat within 1 hour.