The following table explains the alerts triggered by events that require limited observation. Surges in detection and processing, and completed updates, are most likely benign events.
Name | Criteria (Default) | Checking Interval (Default) |
---|---|---|
Threat Detection Surge | At least 10 messages detected | Once every hour |
Processing Surge | At least 20,000 messages processed | Once every hour |
Component Update/Rollback Successful | An update/rollback was successfully completed | Immediate |
Data Loss Prevention Incident | At least 10 messages with DLP rule violations | Once every hour |