Creating Customized Alerts

You can customize the alert messages sent to a distribution list for the following types of events:

You can use the Create Alert wizard to define the messages and a distribution list, as described in this topic. You can also define a distribution list separately; for more information, see Creating Distribution Lists.

To create a customized alert:

  1. From the main console, click the Alerts tab.

    The Alerts panel displays.

  1. From the Command bar, click the Create icon.

    The Create Alert window displays.

  1. From the Alert Type drop-down menu, select an alert type.

  2. In the Alert Name field, enter a name for this alert.

  3. If you selected Threat Summary or Install Summary as the alert type, the Frequency field displays. Select a frequency to determine how often you want the system to send alerts.
    • Daily
    • Weekly
    • Monthly
  4. Click the Next button.

    The Step 2 window displays.

  5. Select one of the following radio buttons to determine the list of recipients that you want to alert:
    • If you already created a distribution list, select the Use existing list radio button.

    • If you have not yet created a distribution list, select the Create new list radio button, enter a list name, then enter the email addresses.

  6. When you're done, click the Next button.

    The Step 3 window displays.

  7. In the Email title field, enter the subject head for the message.

  8. In the Email message body field, enter the text for the message.

  9. The wizard also provides data inputs within the text, which are variables you can use for automatically inserting such information as the hostname of the endpoint. Some data inputs are already displayed for you in the sample text. Data inputs are displayed in brackets.

    To add your own data inputs, click inside the text where you want a variable to display , then click the drop-down arrow for one of the Data Inputs buttons. There is one button for the email title and one for the email body .

  1. Select from the data inputs, which are all described in the following table.

    Note: Depending on the type of alert message you are defining, only the applicable data inputs display in the drop-down menu.

    DATA INPUT

    DESCRIPTION

    Hostname

    The name of the endpoint triggering the alert.

    Group Name

    The group assigned to the endpoint triggering the alert.

    Group Description

    A description of the group assigned to the endpoint triggering the alert.

    Policy Name

    The policy assigned to the endpoint triggering the alert.

    Keycode

    The keycode used for the endpoint triggering the alert.

    Current User

    The user of the endpoint triggering the alert.

    Console Name

    The name of the Console where the endpoint is included.

    First Seen

    The date and time when this event was first detected.

    Last Seen

    The date and time when this event was last detected.

    Last Infected

    The date and time the endpoint triggering the alert was last infected.

    Operating System

    The operating system version on the endpoint triggering the alert.

    Agent Version

    The version number of the SecureAnywhere software installed on the endpoint triggering the alert.

    MAC Address

    The Media Access Control (MAC) address on the network where the endpoint triggering the alert is installed.

    Workgroup

    The network workgroup where the endpoint is located, if any.

    Active Directory

    The name of the Active Directory.

    Infection List

    A list of infections.

    Infection Summary

    A summary of the infections.

    Install Summary

    A summary of the SecureAnywhere installations.

    Note: Both the Workgroup and Active Directory data points are unsupported in the Mac agent.

  1. To view the email message, click Preview.
  2. When you are done creating the message, click Finish.