Notifications

Notifications

Deep Discovery Inspector can send email notifications for threshold-based network events.

Configure the following:

Notification settings

Enable notifications and customize the subject and content of each notification using the message tokens provided.
Delivery options

Configure sender and recipient information for all notifications on the Delivery Options screen. For details, see Delivery Options.

Notifications for Threshhold-based Network Events

Event	Description
Threat Detections	The number of threat detections reached the configured threshold. For details, see Configuring Threat Detection Notifications.
High Risk Hosts Detections	Deep Discovery Inspector identified a high-risk host on your network. For details, see Configuring High Risk Hosts Detections Notifications.
Suspicious Hosts Detections	The number of suspicious hosts reached the threshold. For details, see Configuring Suspicious Hosts Detections Notifications.
High Network Traffic	The network traffic volume reached the threshold. For details, see Configuring High Network Traffic Notifications.
Unanalyzed Sample Detections	Virtual Analyzer was unable to analyze files. For details, see Configuring Unanalyzed Sample Detections Notifications.
Virtual Analyzer Detections	Virtual Analyzer detected malicious content in a sample. For details, see Configuring Virtual Analyzer Detections Notifications.
Deny List	A detection matched an object in the user-defined Deny List. For details, see Configuring Deny List Notifications.
Retro Scan Detections	Retro Scan detected historical callback attempts to C&C servers in the TM Global Intelligence List. For details, see Configuring Retro Scan Detections Notifications
High Tunneled Domains	The tunneled domains list exceeds the specified threshold. For details, see Configuring High Tunneled Domains Notifications