Alert Notification Parameters | Trend Micro Service Central

Views:

All triggered alert rules can notify recipients with a custom email message. Some alerts have additional parameters, including message count, checking interval, or risk level.

Critical Alert Parameters

Note

For explanations about available message tokens in each alert, see Alert Notification Message Tokens.

Virtual Analyzer Stopped

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

Service Stopped

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%ServiceName%`

Relay MTAs Unreachable

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%MessageList%` `%MTAList%`

License Expiration

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DaysBeforeExpirationATD%` `%DaysBeforeExpirationSEG%` `%DeviceName%` `%DeviceIP%` `%ExpirationDateATD%` `%ExpirationDateSEG%` `%LicenseStatusATD%` `%LicenseStatusSEG%` `%LicenseTypeATD%` `%LicenseTypeSEG%`

Important Alert Parameters

Note

For explanations about available message tokens in each alert, see Alert Notification Message Tokens.

Suspicious Messages Identified

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Email messages	Specify the email message threshold that will trigger the alert.
Risk level	Select the risk level that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%MessageList%`

Watchlisted Recipients at Risk

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipient watchlist	Add recipients to the watchlist. The alert triggers when any watchlist recipient receives a suspicious or malicious email message.
Email messages	Specify the email message threshold that will trigger the alert.
Risk level	Select the risk level that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%MessageList%`

Quarantined Messages with Detected Threats

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Quarantined messages	Specify the quarantine message threshold that will trigger the alert.
Risk level	Select the risk level that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Use the following tokens to customize your message: `%MessageList%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%ConsoleURL%`

Long Message Delivery Queue

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Email messages	Specify the email message threshold that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeliveryQueue%` `%DeviceIP%` `%DeviceName%` `%QueueThreshold%`

High CPU Usage

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Average CPU usage	Specify the threshold for the average CPU usage that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%CPUThreshold%` `%CPUUsage%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

Long Virtual Analyzer Submission Queue

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Submissions	Select email message threshold that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Average wait time	Select the average wait time threshold for samples waiting in the submission queue during the past hour that will trigger the alert.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DeviceIP%` `%DeviceName%` `%DateTime%` `%SandboxQueue%` `%SandboxQueueThreshold%`

Long Virtual Analyzer Processing Time

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Average processing time	Select the average time threshold required to process samples in the sandbox queue during the past hour that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%AveSandboxProc%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%SandboxProcThreshold%`

Low Free Disk Space

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Free Disk space	The lowest disk space threshold in GB that triggers the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%DiskSpace%`

Component Update/Rollback Unsuccessful

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%ComponentList%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

Email Messages Timed Out Without Analysis Results

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Email messages	Specify the email message threshold that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%MessageList%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%ConsoleURL%`

Email Message Encryption/Decryption Unsuccessful

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Email messages	Specify the email message threshold that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%MessageList%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%ConsoleURL%`

Low Free Threat Quarantine Disk Space

Parameter

Description

Status

Select an option to enable or disable the alert.

Alert level

Displays the alert level in email messages.

Free threat quarantine disk space

The lowest disk space threshold that triggers the alert.

Note

Free threat quarantine disk space refers to the percentage of space remaining on the disk partition to store messages with detected threats.

Alert frequency

View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.

Recipients

Specify the recipients who will receive the triggered alert email message.

Subject

Specify the subject of the triggered alert email message.

Message

Specify the body of the triggered alert email message.

Use the following tokens to customize your message:

%DiskSpace%
%DateTime%
%DeviceName%
%DeviceIP%
%ConsoleURL%

High Memory Usage

Parameter

Description

Status

Select an option to enable or disable the alert.

Alert level

Displays the alert level in email messages.

Average memory usage

Select the threshold for avergae memory usage that will trigger the alert.

Note

Free disk space refers to the amount of space remaining on the disk partition.

Alert frequency

View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.

Recipients

Specify the recipients who will receive the triggered alert email message.

Subject

Specify the subject of the triggered alert email message.

Message

Specify the body of the triggered alert email message.

Use the following tokens to customize your message:

%MemoryThreshold%
%MemoryUsage%
%DateTime%
%DeviceIP%
%DeviceName%
%ConsoleURL%

Long Message Deferred Queue

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Deferred messages	Specify the email message threshold that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeferredQueue%` `%DeviceIP%` `%DeviceName%` `%QueueThreshold%`

Low Free Spam Quarantine Disk Space

Parameter

Description

Status

Select an option to enable or disable the alert.

Alert level

Displays the alert level in email messages.

Free spam quarantine disk space

The lowest disk space threshold that triggers the alert.

Note

Free spam quarantine disk space refers to the percentage of space remaining on the disk partition to store spam messages.

Alert frequency

View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.

Recipients

Specify the recipients who will receive the triggered alert email message.

Subject

Specify the subject of the triggered alert email message.

Message

Specify the body of the triggered alert email message.

Use the following tokens to customize your message:

%DiskSpace%
%DateTime%
%DeviceName%
%DeviceIP%
%ConsoleURL%

Account Locked

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%Account%` `%DeviceName%` `%DeviceIP%` `%DateTime%` `%ConsoleURL%`

Unsuccessful DKIM Signing

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Email messages	Specify the email message threshold that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%TotalMessages%` `%Interval%` `%DateTime%` `%DeviceName%` `%DeviceIP%` `%ConsoleURL%`

Connection Issue

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Monitored services	Select one or more services to monitor.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ServiceList%` `%DateTime%` `%DiagnosisTip%` `%DeviceName%` `%DeviceIP%` `%ConsoleURL%`

Informational Alert Parameters

Note

For explanations about available message tokens in each alert, see Alert Notification Message Tokens.

Threat Detection Surge

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Detected messages	Select the detections threshold that will trigger the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DetectionCount%` `%DetectionThreshold%` `%DeviceIP%` `%DeviceName%` `%Interval%`

Processing Surge

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Processed messages	The email message threshold that triggers the alert.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%Interval%` `%ProcessingCount%` `%ProcessingThreshold%`

Component Update/Rollback Successful

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%ConsoleURL%` `%ComponentList%` `%DateTime%` `%DeviceIP%` `%DeviceName%`

Data Loss Prevention Incident

Parameter	Description
Status	Select an option to enable or disable the alert.
Alert level	Displays the alert level in email messages.
Detected messages	Select the detections threshold that will trigger the alert.
DLP templates to monitor	Select a list view option and one or more DLP templates to monitor.
Alert frequency	View the time interval that Deep Discovery Email Inspector checks for the alert rule criteria.
Recipients	Specify the recipients who will receive the triggered alert email message.
Subject	Specify the subject of the triggered alert email message.
Message	Specify the body of the triggered alert email message. Use the following tokens to customize your message: `%DetectionCount%` `%DetectionThreshold%` `%Interval%` `%MessageList%` `%DateTime%` `%DeviceIP%` `%DeviceName%` `%ConsoleURL%`

Keywords: notification parameters,important alerts,informational alerts,alerts,critical alerts