Configuring the Security Risk Outbreak Criteria and Notifications

Procedure

  1. Navigate to Notifications > Administrator Notifications > Outbreak Notifications.
  2. In the Criteria tab:
    1. Go to the Virus/Malware and Spyware/Grayware sections.
    2. Specify the number of unique sources of detections.
    3. Specify the number of detections and the detection period for each security risk.
    Tip
    Trend Micro recommends accepting the default values in this screen.
    OfficeScan sends a notification message when the number of detections is exceeded. For example, under the Virus/Malware section, if you specify 10 unique sources, 100 detections, and a time period of 5 hours, OfficeScan sends the notification when 10 different clients have reported a total of 101 security risks within a 5-hour period. If all instances are detected on only one client within a 5-hour period, OfficeScan does not send the notification.
  3. In the Criteria tab:
    1. Go to the Shared Folder Sessions section.
    2. Select Monitor shared folder sessions on your network.
    3. In Shared folder sessions recorded, click the number link to view the computers with shared folders and the computers accessing the shared folders.
    4. Specify the number of shared folder sessions and the detection period.
    OfficeScan sends a notification message when the number of shared folder sessions is exceeded.
  4. In the Email tab:
    1. Go to the Virus/Malware Outbreaks, Spyware/Grayware Outbreaks, and Shared Folder Session Outbreaks sections.
    2. Select Enable notification via email.
    3. Specify the email recipients.
    4. Accept or modify the default email subject and message. You can use token variables to represent data in the Subject and Message fields.

      Token Variables for Security Risk Outbreak Notifications

      | Outbreak type | Variable | Description |
      |---|---|---|
      | Virus/Malware outbreaks | %CV | Total number of viruses/malware detected |
      | Virus/Malware outbreaks | %CC | Total number of computers with virus/malware |
      | Spyware/Grayware outbreaks | %CV | Total number of spyware/grayware detected |
      | Spyware/Grayware outbreaks | %CC | Total number of computers with spyware/grayware |
      | Shared folder session outbreaks | %S | Number of shared folder sessions |
      | Shared folder session outbreaks | %T | Time period when shared folder sessions accumulated |
      | Shared folder session outbreaks | %M | Time period, in minutes |
    5. Select additional virus/malware and spyware/grayware information to include in the email. You can include the client/domain name, security risk name, date and time of detection, path and infected file, and scan result.
    6. Accept or modify the default notification messages.
  5. In the Pager tab:
    1. Go to the Virus/Malware Outbreaks and Spyware/Grayware Outbreaks sections.
    2. Select Enable notification via pager.
    3. Type the message.
  6. In the SNMP Trap tab:
    1. Go to the Virus/Malware Outbreaks and Spyware/Grayware Outbreaks sections.
    2. Select Enable notification via SNMP trap.
    3. Accept or modify the default message. You can use token variables to represent data in the Message field. See Token Variables for Security Risk Outbreak Notifications for details.
  7. In the NT Event Log tab:
    1. Go to the Virus/Malware Outbreaks and Spyware/Grayware Outbreaks sections.
    2. Select Enable notification via NT Event Log.
    3. Accept or modify the default message. You can use token variables to represent data in the Message field. See Token Variables for Security Risk Outbreak Notifications for details.
  8. Click Save.
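
The outbreak criteria from step 2, sketched as a sliding-window check over constructed detection records. This is an added example, not OfficeScan code: the function and record names are hypothetical, and the threshold reading (more than 100 detections from at least 10 distinct clients inside the detection period, alerting once per outbreak) is an assumption taken from the example in step 2.

```python
from collections import deque
from datetime import datetime, timedelta


def outbreak_alerts(events, min_sources=10, max_detections=100,
                    period=timedelta(hours=5)):
    """Return the timestamps at which the step 2 criteria become true.

    events: iterable of (timestamp, client) detection records.
    Assumption: the criteria are met when the trailing period holds more than
    max_detections detections reported by at least min_sources clients.
    """
    window = deque()   # detections inside the trailing detection period
    per_client = {}    # client -> number of its detections in the window
    alerts, active = [], False
    for ts, client in sorted(events):
        window.append((ts, client))
        per_client[client] = per_client.get(client, 0) + 1
        # Expire detections that fell out of the detection period.
        while ts - window[0][0] > period:
            _, old = window.popleft()
            per_client[old] -= 1
            if per_client[old] == 0:
                del per_client[old]
        met = len(window) > max_detections and len(per_client) >= min_sources
        if met and not active:  # assumption: one alert per outbreak
            alerts.append(ts)
        active = met
    return alerts


T0 = datetime(2024, 1, 1, 8, 0)  # constructed start time


def sample(clients, count, step_minutes=2):
    """Constructed sample: `count` detections, round-robin over `clients` hosts."""
    return [(T0 + timedelta(minutes=step_minutes * i), f"client-{i % clients:02d}")
            for i in range(count)]


SPREAD = sample(clients=10, count=101)  # 10 sources, 101 detections in 200 min
SINGLE = sample(clients=1, count=150)   # every detection on a single client
SLOW = sample(clients=10, count=101, step_minutes=4)  # at most 76 per 5 hours

if __name__ == "__main__":
    for name, data in (("spread", SPREAD), ("single", SINGLE), ("slow", SLOW)):
        print(name, outbreak_alerts(data))
```

Only the first sample raises an alert, on its 101st detection; the single-client and slow-trickle samples stay below the criteria, which is the gap to keep in mind when raising the defaults.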