Alert Notification Parameters

All triggered alert rules can notify recipients with a custom email message. Some alerts have additional parameters, including message count, checking interval, or risk level.

Critical Alert Parameters

Note

For explanations about available message tokens in each alert, see Alert Notification Message Tokens.

Virtual Analyzer Stopped

Parameter	Description
Enable alert	Enable the selected alert.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

Service Stopped

Parameter	Description
Enable alert	Enable the selected alert.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%ServiceName%`

Relay MTAs Inaccessible

Parameter	Description
Enable alert	Enable the selected alert.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%MessageList%` `%MTAList%`

License Expiration

Parameter	Description
Enable alert	Enable the selected alert.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DaysBeforeExpiration%` `%DeviceName%` `%DeviceIP%` `%ExpirationDate%` `%LicenseStatus%` `%LicenseType%`

Important Alert Parameters

Note

For explanations about available message tokens in each alert, see Alert Notification Message Tokens.

Suspicious Messages Identified

Parameter	Description
Enable alert	Enable the selected alert.
Risk level	Select the risk level that will trigger the alert.
Email messages	Select the detections threshold that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%MessageList%`

Watchlisted Recipients at Risk

Parameter	Description
Enable alert	Enable the selected alert.
Recipient watchlist	Add recipients to the watchlist. The alert triggers when any watchlist recipient receives a suspicious or malicious email message.
Risk level	Select the risk level that will trigger the alert.
Email messages	Select the detections threshold that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%MessageList%`

Long Message Delivery Queue

Parameter	Description
Enable alert	Enable the selected alert.
Email messages	Select email message threshold that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeliveryQueue%` `%DeviceIP%` `%DeviceName%` `%QueueThreshold%`

High CPU Usage

Parameter	Description
Enable alert	Enable the selected alert.
Average CPU usage	Select the threshold for CPU usage that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%CPUThreshold%` `%CPUUsage%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

Long Virtual Analyzer Queue

Parameter	Description
Enable alert	Enable the selected alert.
Submissions	Select email message threshold that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%SandboxQueue%` `%SandboxQueueThreshold%`

Long Virtual Analyzer Processing Time

Parameter	Description
Enable alert	Enable the selected alert.
Average processing time	Select the average time threshold required to process samples in the sandbox queue during the past hour that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%AveSandboxProc%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%SandboxProcThreshold%`

Low Free Disk Space

Parameter

Description

Enable alert

Enable the selected alert.

Free Disk space

The lowest disk space threshold in GB that triggers the alert.

Note

Free disk space refers to the amount of space remaining on the disk partition.

Alert frequency

View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.

Recipients

Specify the recipients who will receive the triggered alert email message.

Subject

Specify the subject of the triggered alert email message.

Message

Specify the body of the triggered alert email message.

Use the following tokens to customize your message:

%ConsoleURL%
%DateTime%
%DeviceIP%
%DeviceName%
%DiskSpace%

Component Update Unsuccessful

Parameter	Description
Enable alert	Enable the selected alert.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%ComponentList%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

Email Messages Timed Out Without Analysis Results

Parameter	Description
Enable alert	Enable the selected alert.
Email messages	Select email message threshold that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%MessageList%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%ConsoleURL%`

Low Free Quarantine Disk Space

Parameter

Description

Enable alert

Enable the selected alert.

Free quarantine disk space

The lowest disk space threshold that triggers the alert.

Note

Free quarantine disk space refers to the percentage of space remaining on the disk partition.

Alert frequency

View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.

Recipients

Specify the recipients who will receive the triggered alert email message.

Subject

Specify the subject of the triggered alert email message.

Message

Specify the body of the triggered alert email message.

Use the following tokens to customize your message:

%DiskSpace%
%DateTime%
%DeviceName%
%DeviceIP%
%ConsoleURL%

Quarantined Messages

Parameter	Description
Enable alert	Enable the selected alert.
Quarantined messages	Specify the quarantined messages threshold that will trigger the alert.
Risk level	Select the risk level that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Use the following tokens to customize your message: `%MessageList%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%ConsoleURL%`

Informational Alert Parameters

Note

For explanations about available message tokens in each alert, see Alert Notification Message Tokens.

Detection Surge

Parameter	Description
Enable alert	Enable the selected alert.
Detected messages	Select the detections threshold that will trigger the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DetectionCount%` `%DetectionThreshold%` `%DeviceIP%` `%DeviceName%` `%Interval%`

Processing Surge

Parameter	Description
Enable alert	Enable the selected alert.
Processed messages	The email message threshold that triggers the alert.
Alert frequency	View the time interval that TippingPoint Advanced Threat Protection for Email checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%Interval%` `%ProcessingCount%` `%ProcessingThreshold%`

Component Update Successful

Parameter	Description
Enable alert	Enable the selected alert.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%ComponentList%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

$('#title').html($('meta[name=description]').attr('content'));