Views:
Configure the following event notification to notify administrators when advanced threats have been detected by the Attack Discovery Engine.

Procedure

  1. Go to DetectionsNotificationsEvent Notifications.
    The Event Notifications screen appears.
  2. Click Advanced Threat Activity.
    A list of events appears.
  3. In the Event column, click Attack Discovery Detections.
    The Attack Discovery Detections screen appears.
  4. Specify the following notification settings.
    Settings
    Description
    Detection type
    Select the risk level of the detections that trigger the event notification.
    Period
    Specify the period of time.
  5. Select recipients for the notification.
    1. From the Available Users and Groups list, select contact groups or user accounts.
    2. Click >.
      The selected contact groups or user accounts appear in the Selected Users and Groups list.
  6. Enable one or more of the following notification methods.
    Method
    Description
    Email message
    To customize the email notification template, use supported token variables or modify the text in the Subject and Message fields.
    For more information, see Attack Discovery Token Variables.
  7. To test if recipients can receive the event notification, click Test.
  8. Click Save.