Configuring Outbreak Notifications for Administrators

Define an outbreak by the number of security risk detections and the detection period. After defining the outbreak criteria, configure Apex One (Mac) to notify you and other Apex One (Mac) administrators of an outbreak so you can respond immediately.

  1. Navigate to Notifications > Outbreak Notifications.
  2. In the Criteria tab, specify the following:
    • Number of unique sources of security risks

    • Number of detections

    • Detection period

    Tip: Trend Micro recommends accepting the default values in this screen.

    Apex One (Mac) declares an outbreak and sends a notification message when the number of detections is exceeded. For example, if you specify 10 unique sources, 100 detections, and a time period of 5 hours, Apex One (Mac) sends the notification when 10 different Security Agents have reported a total of 101 security risks within a 5-hour period. If all instances are detected on only one Security Agent within a 5-hour period, Apex One (Mac) does not send the notification.

  3. Click Save.
  4. In the Email tab:
    1. Enable notifications to be sent through email.
    2. Specify the email recipients and accept or modify the default subject.

      Token variables are used to represent data in the Message field.

      Variable    Description
      %CV         Total number of security risks detected
      %CC         Total number of endpoints with security risks

  5. Select additional information to include in the email. You can include the Security Agent or group name, security risk name, path and infected file, date and time of detection, and scan result.
  6. Click Save.
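
The outbreak criteria from step 2, modelled as an added example (not Trend Micro code and not a description of how Apex One (Mac) is implemented). It slides the detection period over constructed detection events and assumes, following the 10 sources / 100 detections / 5 hours example above, that the source count must be reached and the detection count exceeded. All function names, agent names and events are hypothetical.

```python
from collections import deque
from datetime import datetime, timedelta

START = datetime(2024, 1, 1, 8, 0)   # constructed start time for the sample data
PERIOD = timedelta(hours=5)          # detection period from the page's example


def first_outbreak(events, min_sources, max_detections, period):
    """Return the time the criteria are first met, or None if they never are.

    events: (timestamp, agent_name) tuples sorted by timestamp.
    Assumption: sources must reach min_sources, detections must exceed
    max_detections, both counted inside one sliding detection period.
    """
    window = deque()   # detections still inside the detection period
    per_agent = {}     # agent -> number of its detections inside the window
    for ts, agent in events:
        window.append((ts, agent))
        per_agent[agent] = per_agent.get(agent, 0) + 1
        # Expire detections that are older than the detection period.
        while ts - window[0][0] > period:
            _, old_agent = window.popleft()
            per_agent[old_agent] -= 1
            if per_agent[old_agent] == 0:
                del per_agent[old_agent]
        if len(per_agent) >= min_sources and len(window) > max_detections:
            return ts
    return None


def make_events(count, agents, step):
    """Constructed sample data: `count` detections spread round-robin over agents."""
    return [(START + i * step, f"agent-{i % agents:02d}") for i in range(count)]


# 101 detections from 10 agents in under 2 hours: outbreak on the 101st.
spread = make_events(101, agents=10, step=timedelta(minutes=1))
# 101 detections, all from one agent: the unique-source criterion is never met.
single = make_events(101, agents=1, step=timedelta(minutes=1))
# 101 detections from 10 agents, but too slow to exceed 100 in any 5 hours.
slow = make_events(101, agents=10, step=timedelta(minutes=10))

if __name__ == "__main__":
    for name, ev in (("spread", spread), ("single", single), ("slow", slow)):
        print(name, first_outbreak(ev, 10, 100, PERIOD))
```

Replaying exported detection history through a model like this shows how often a candidate set of thresholds would have notified administrators before you change the defaults.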