You can customize the alert messages sent to a distribution list for the following types of events:
- Infection Detected — An immediate message sent when an endpoint reports an infection.
- Endpoint Installed — An immediate message sent as soon as SecureAnywhere is installed on an endpoint and it reports into the Management Portal.
- Infection Summary — A summary message that provides an overview of threats detected on endpoints. The summary can be scheduled for a daily, weekly, or monthly distribution.
- Install Summary — A summary message that provides an overview of SecureAnywhere installations. The summary can be scheduled for a daily, weekly, or monthly distribution.
You can use the Create Alert wizard to define the messages and a distribution list, as described in this topic. You can also define a distribution list separately; for more information, see Creating Distribution Lists.
To create a customized alert:
- From the main console, click the Alerts tab.
The Alerts panel displays.
- From the Command bar, click the Create icon.
The Create Alert window displays.
- From the Alert Type drop-down menu, select an alert type.
- In the Alert Name field, enter a name for this alert.
- If you selected Threat Summary or Install Summary as the alert type, the Frequency field displays. Select a frequency to determine how often you want the system to send alerts.
- Click the Next button.
The Step 2 window displays.
- Select one of the following radio buttons to determine the list of recipients that you want to alert:
- If you already created a distribution list, select the Use existing list radio button.
- If you have not yet created a distribution list, select the Create new list radio button, enter a list name, then enter the email addresses.
- When you're done, click the Next button.
The Step 3 window displays.
- In the Email title field, enter the subject head for the message.
- In the Email message body field, enter the text for the message.
- The wizard also provides data inputs within the text, which are variables you can use for automatically inserting such information as the hostname of the endpoint. Some data inputs are already displayed for you in the sample text. Data inputs are displayed in brackets.
To add your own data inputs, click inside the text where you want a variable to display , then click the drop-down arrow for one of the Data Inputs buttons. There is one button for the email title and one for the email body .
- Select from the data inputs, which are all described in the following table.
Note: Depending on the type of alert message you are defining, only the applicable data inputs display in the drop-down menu.
The name of the endpoint triggering the alert.
The group assigned to the endpoint triggering the alert.
A description of the group assigned to the endpoint triggering the alert.
The policy assigned to the endpoint triggering the alert.
The keycode used for the endpoint triggering the alert.
The user of the endpoint triggering the alert.
The name of the Console where the endpoint is included.
The date and time when this event was first detected.
The date and time when this event was last detected.
The date and time the endpoint triggering the alert was last infected.
The operating system version on the endpoint triggering the alert.
The version number of the SecureAnywhere software installed on the endpoint triggering the alert.
The Media Access Control (MAC) address on the network where the endpoint triggering the alert is installed.
The network workgroup where the endpoint is located, if any.
The name of the Active Directory.
A list of infections.
A summary of the infections.
A summary of the SecureAnywhere installations.
Note: Both the Workgroup and Active Directory data points are unsupported in the Mac agent.
- To view the email message, click Preview.
- When you are done creating the message, click Finish.