Configuring Advanced Threat Activity Alert Settings

  1. Navigate to Administration > Event Center > Event Notifications.

    The Event Center screen appears.

  2. Expand the Advanced Threat Activity Event Category, and click the Settings link for any of the related events. For details, see Advanced Threat Activity.

    The <Advanced Threats Event Type> Settings screen appears.

  3. Under Threshold, select any of the following:
    • Trigger alerts on every single detection: Send notification when an advanced threat event is detected

    • Trigger alerts when endpoints match the following settings: Send only when the number of detections and period of consideration are met

  4. Under Email Attachment, select Attach logs to CSV file to include a *.CSV file attachment with detection details in the notification.
  5. Click Save.