I only want threat emails!

Discussion in 'ESET NOD32 Antivirus' started by aluminex, Dec 8, 2009.

Thread Status:
Not open for further replies.
  1. aluminex

    aluminex Registered Member

    Joined:
    Oct 13, 2009
    Posts:
    143
    What settings need to be applied for me to receive only threat emails from clients. I don't want to receive event notifications such as. %computername% did not update successfully etc...

    For instance,

    I would like the clients to send me an email with the following information.



    (a) There is a threat.

    (b) The type of threat, object, etc...

    (c) action taken
     
  2. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Have you tried bumping up the minimum verbosity setting for the notifications? Cranking that up to Critical Warnings should do what you want.
     
  3. aluminex

    aluminex Registered Member

    Joined:
    Oct 13, 2009
    Posts:
    143

    Thank you for your reply. I was wondering if it is possible to trigger this alert somehow without actually having a threat obviously... but being able to trigger it for testing before rollout would be nice.
     
  4. PaulB2005

    PaulB2005 Registered Member

    Joined:
    Apr 19, 2005
    Posts:
    525
    Have you tried downloading EICAR on a client PC? EICAR is a file that is harmless but most AV detect it as a virus for the purposes of testing and demonstration.

    www.eicar.org - top right "Anti Malware Test file". Read the page and the links are near the bottom.
     
  5. aluminex

    aluminex Registered Member

    Joined:
    Oct 13, 2009
    Posts:
    143

    Smacky, if I am not mistaken this will also tell me every time someone can't connect to the server or if a AV program fails correct?
     
  6. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    I believe critical warnings include threats that cannot be automatically cleaned, portions of the scanning kernel being disabled/compromised. Basically, things that require manual intervention. Unfortunately, I'm not turning up anything in the KB or documentation that is giving a definite definition on what is included in each of the alerting levels. Maybe a mod or something can clarify on that.
     
  7. aluminex

    aluminex Registered Member

    Joined:
    Oct 13, 2009
    Posts:
    143


    Based on my threat logs the cleaned after next restart is only a warning. Is there a way to customize these perhaps?
     
  8. aluminex

    aluminex Registered Member

    Joined:
    Oct 13, 2009
    Posts:
    143

    I did and it worked great. Thank you!
     
  9. bradtech

    bradtech Registered Member

    Joined:
    Nov 16, 2009
    Posts:
    84
    If you want clients to email you then do the following in Policy manager in the ESET Remote Administrator Console.

    Select the + next to Alerts and Notfications


    Change your Minimum Verbosity for notifications: Critical Errors...

    Anything that does get mixed with Virus information alerts will be things like ESET Antivirus module not loading leaving the computer undetected which could be a sign of infection or something that DOES need to be addressed. :thumb:
     
  10. aluminex

    aluminex Registered Member

    Joined:
    Oct 13, 2009
    Posts:
    143
    This doesn't pick up any action taken that was "cleaned after next restart"
     
Thread Status:
Not open for further replies.