Procedure

1. Go to Detections → Notifications → Event Notifications.
   The Event Notifications screen appears.
2. Click Known Threat Activity.
   A list of events appears.
3. In the Event column, click Network virus alert.
   The Network Virus Alert screen appears.
4. Specify the following notification settings.

   Settings	Description
   Detections	Type the number of threats detected by the managed product.
   Affected users/endpoints	Specify the number of affected users/endpoints.
   Period	Specify the period of time.

5. Select recipients for the notification.
   1. From the Available Users and Groups list, select contact groups or user accounts.
   2. Click >.
      The selected contact groups or user accounts appear in the Selected Users and Groups list.
6. Enable one or more of the following notification methods.

   Method	Description
   Email message	To customize the email notification template, use supported token variables or modify the text in the Subject and Message fields. For more information, see Standard Token Variables, Known Threat Activity Token Variables and Network Access Control Token Variables.
   Windows event log	To customize the notification template, use supported token variables or modify the text in the Message field. For more information, see Standard Token Variables, Known Threat Activity Token Variables and Network Access Control Token Variables.
   SNMP trap	Apex Central stores SNMP trap notifications in a Management Information Base (MIB). To view the SNMP trap notifications, go to Notifications → Notification Method Settings and click Download MIB file under SNMP Trap Settings.
   Trigger application	Specify the full path of the application file and any parameters for the command.
   Syslog	Apex Central can direct syslogs to supported third-party products, including Cisco Security Monitoring, Analysis and Response (MARS).

7. To test if recipients can receive the event notification, click Test.
8. Click Save.