The following table explains the alerts triggered by events that require
limited observation. Surges in detection and processing, and completed updates are
most
likely benign events.
Informational Alerts
|
Name
|
Criteria
(Default)
|
Checking Interval
(Default)
|
|
Threat Detection Surge
|
At least 10 messages detected
|
Once every hour
|
|
Processing Surge
|
At least 20,000 messages processed
|
Once every hour
|
|
Component Update/Rollback Successful
|
An update/rollback was successfully completed
|
Immediate
|
|
Data Loss Prevention Incident
|
At least 10 messages with DLP rule violations
|
Once every hour
|