Interval for detection (hours): Specify the detection interval (in hours) in which the number of malware detections must occur. Number of times malware has been detected: - The alert is generated when the same malware is detected on computers in the collection more than the specified number of times. Specify the following information to configure this alert: Repeated malware detection - This alert is generated if specific malware is detected more than a specified number of times over a specified number of hours on the computers in the collection that you monitor. It includes computers that do not yet have the Endpoint Protection client installed. The percentage value is based on the number of computers in the collection, but excludes computers that do not have a Configuration Manager client installed. Percentage of computers with malware detected - The alert is generated when the percentage of computers with malware that is detected in the collection exceeds the percentage that you specify. Malware outbreak - This alert is generated if specified malware is detected on a specified percentage of computers in the collection that you monitor. Low - Detected, still active - The alert is generated when there are one or more computers in the specified collection on which malware is detected and is still active. Medium - Detected, pending action - The alert is generated when there is one or more computers in the specified collection on which malware is detected, and you must manually remove the malware.
High - All detections - The alert is generated when there are one or more computers in the specified collection on which any malware is detected, regardless of what action the Endpoint Protection client takes. The Malware detection threshold specifies the malware detection levels at which this alert is generated: Malware detection - This alert is generated if malware is detected on any computer in the collection that you monitor. In the Conditions list of the Alerts tab, select each Endpoint Protection alert, and then specify the following information:Īlert Name - Accept the default name or enter a new name for the alert.Īlert Severity - In the list, select the alert level to display in the Configuration Manager console.ĭepending on the alert that you select, specify the following additional information: In the Add New Collection Alerts dialog box, in the Generate an alert when these conditions apply section, select the alerts that you want Configuration Manager to generate when the specified Endpoint Protection events occur, and then click OK. On the Alerts tab of the Properties dialog box, click Add.
This option is unavailable for the All Systems collection.
0 kommentar(er)
