Notifications_High_Risk_Clients
Threat Discovery Appliance can send an email when it detects high risk clients. Threat Discovery Appliance classifies these clients as high risk when they exceed the specified number of detections. Use the High Risk Client Notification screen to configure the notifications sent to the designated individuals. These notifications contain information that can help you determine why a client is reporting a high number of detections and how to resolve this issue before it becomes the source of an outbreak.
To configure notifications for detection of high risk clients:
Notifications > Notification Settings > Detection of High Risk Clients
Select Notify administrator.
Under Notify if number of detections per IP address, configure the number of detections per IP address that triggers an alert.
Specify the number of hours or minutes within which Threat Discovery Appliance must detect the specified number of log records.
Trend Micro recommends using the default settings.
Click Save.
To disable notifications:
Notifications > Notification Settings > Detection of High Risk Clients
Clear Notify administrator.
Click Save.
See also: