Configuring C&C Callback Outbreak Alert Settings

  1. Navigate to Administration > Event Center > Event Notifications.

    The Event Center screen appears.

  2. Expand the Advanced Threat Activity Alert Event category, and click the Settings link for C&C callback outbreak alert.

    The C&C Callback Outbreak Alert Settings screen appears.

  3. Select the type of C&C list source to include in the notification message.
  4. Provide the following:
    • Callback attempts: The number of callback attempts that trigger an outbreak alert

    • Compromised hosts: The number of affected hosts or email addresses

    • Period: The period of consideration for callback count parameter

    The Event Center settings screen of C&C callback outbreak alert, Callback attempts, Compromised hosts, and Period are conditions that trigger an outbreak alert. For example, if Period is set to 1 hour and both Callback attempts and Compromised hosts have 10 counts, Control Manager issues an alert if there are 10 callback attempts related to 10 compromised hosts in an hour.

  5. Click Save.