Threat Detection Notifications

Deep Discovery Inspector can send notifications when detections reach the specified threshold. Threat Detection notifications specify the number of detections for each threat type.

Procedure

Go to Administration → Notifications → Notification Settings → Threat Detections.
Select Notify Administrator if number of threat detections for:.
Specify the threshold for outbound and inbound traffic.
- Outbound traffic: Detections from monitored networks
- Inbound traffic: Detections from outside the network
Select the types of threats to detect.
(Optional) Configure the notification recipients.

For details, see Configuring Email Notification Settings.

(Optional) Modify the default subject and message body.

Important

The message subject cannot exceed 256 characters.
The message body cannot exceed 4,096 characters.

You can use any of the following message tokens when customizing the notification.

Message Token	Description
__LOOP_END__	End of message token loop
__LOOP_RISKS_COUNT__	Detection count
__LOOP_RISKS_DIRECTION__	Direction of network traffic
__LOOP_RISKS_NAME__	Detection type
__LOOP_RISKS_THRESHOLD__	Detection threshold
__LOOP_START__	Start of message token loop
__TIMESTAMP__	Notification date and time

Important

The following tokens repeat as needed inside message token loops:

__LOOP_RISKS_COUNT__
__LOOP_RISKS_DIRECTION__
__LOOP_RISKS_NAME__
__LOOP_RISKS_THRESHOLD__

Click Save.

/*<![CDATA[*/ $('#title').html($('meta[name=description]').attr('content')); /*]]>*/

Threat Detection Notifications

Procedure

Important

Important