Views:

Use token variables to customize the subject line and the message body of event notifications.

To prevent email from addresses with external domains from being labeled as spam, add the external email addresses to the Approved Senders lists for Anti-Spam.

The following tokens represent threat events detected on desktops/servers and Microsoft Exchange servers.

Token

Description

Alert Type

%COUNT

Inserts the number of detections

Warning events: All

$CSM_SERVERNAME

Inserts the name of the Security Server

All

%DATE

Inserts the number of days remaining on the license

License - Expired

License - Expiring in less than 60 days

%DATE_TIME

Inserts the time and date of the event

Antivirus - Threats unresolved

Antivirus - Real-time Scan disabled on endpoints

Antivirus - Real-time Scan disabled on Exchange server(s)

Antispyware - Detections requiring device restart

Update - Outdated agents

Update - Outdated Messaging Security Agents

Update - Outdated Security Server Components

Smart Protection Services - Service unavailable

Resource shortage - Remaining disk space

%DEVICE_COUNT

Inserts the number of affected devices

Antivirus - Threats unresolved

Antivirus - Real-time Scan disabled on endpoints

Antivirus - Real-time Scan disabled on Exchange server(s)

Antispyware - Detections requiring device restart

Update - Outdated agents

Update - Outdated Messaging Security Agents

Resource shortage - Remaining disk space

All warning events except the following:

Antispam - Spam detections in total messages received exceed:

%FROM

Inserts the starting time and date of the event

All warning events except the following:

Antispam - Spam detections in total messages received exceed:

%NUMBER

Lists the number of events

Antivirus - Threats unresolved

Antivirus - Real-time Scan disabled on endpoints

Antivirus - Real-time Scan disabled on Exchange server(s)

Antispyware - Detections requiring device restart

All warning events except the following:

Antispam - Spam detections in total messages received exceed:

%SEAT_IN_USE_COUNT

Inserts the number of desktop/server seats in use

License - seat usage is more than 110%

License - seat usage is more than 100%

%SEAT_PURCHASED_COUNT

Inserts the number of desktop/server seats available in your license

License - seat usage is more than 110%

License - seat usage is more than 100%

%THRESHOLD%

Provides the threshold of an event

Update - Outdated agents

Update - Outdated Smart Scan Pattern

Update - Outdated Security Server Components

Smart Protection Services - Service unavailable

Resource shortage - Remaining disk space

License - Seat usage is more than 110%

License - Seat usage is more than 100%

Warning events: All

%TO

Inserts the ending time and date of the event

All warning events except the following:

Antispam - Spam detections in total messages received exceed:

Subject: [Security Server - <$CSM_SERVERNAME>] [Action 
Required] Antivirus - Threats unresolved: %NUMBER
Message: Trend Micro Worry-Free Business Security Notification 
* Antivirus - Threats unresolved: %NUMBER 
* Report time: %DATE_TIME
* Affected devices: %DEVICE_COUNT 
* Suggestion: 
  Run a scan using the Trend Micro HouseCall Tool.
Subject: [Security Server - Server A] [Action Required] 
Antivirus - Threats unresolved: 5
Message: Trend Micro Worry-Free Business Security Notification 
* Antivirus - Threats unresolved: 5 
* Report time: February 14, 2018
* Affected devices: 2 
* Suggestion:    
  Run a scan using the Trend Micro HouseCall Tool.