Configuring Threat Detection Notifications

Deep Discovery Inspector can send this notification when the number of detections reaches the configured threshold. The notification specifies the number of detections for each threat type.

Procedure

Go to Administration → Notifications → Notification Settings → Threat Detections.

The Threat Detections screen appears.
Select Notify Administrator if number of threat detections for:.
Specify the threshold for outbound and inbound traffic.
- Outbound traffic: Detections from monitored networks
- Inbound traffic: Detections from outside the network
Select the types of threats to detect.
(Optional) Configure the notification recipients.

For details, see Configuring Email Notification Settings.

(Optional) Modify the default message content.

Type a subject that does not exceed 256 characters.
Type message content that does not exceed 4,096 characters.

Use any of the following message tokens when customizing the notification.

Message Token	Description
__LOOP_END__	End of message token loop
__LOOP_RISKS_COUNT__	Detection count
__LOOP_RISKS_DIRECTION__	Direction of network traffic
__LOOP_RISKS_NAME__	Detection type
__LOOP_RISKS_THRESHOLD__	Detection threshold
__LOOP_START__	Start of message token loop
__TIMESTAMP__	Notification date and time

Note

When a __LOOP_[variable]__ message token is applied, the LOOP variable will repeat continuously between the LOOP start time and the LOOP end time.

Click Save.

$('#title').html($('meta[name=description]').attr('content'));

Configuring Threat Detection Notifications

Procedure

Note