Chapter 8 - Alert Management

  • Article

 

Applies to: Microsoft Antigen

The Antigen Enterprise Manager can be configured to provide Alerts about a variety of events on the servers managed by the AEM.

The Alerts include:

Virus Alerts

Notify administrators of possible virus outbreaks.

Spam Alerts

Notify administrators of possible spam outbreaks/attacks.

Filter Alerts

Notify administrators of unusually high or low content filtering activity (This information is based on message counts.).

File Filter Alerts

Notify administrators of unusually high or low file filtering activity (This information is based on file attachment counts.).

Signature Update Alerts

Notify administrators of the success or failure of signature file updates.

Configuring Alerts

To configure an Alert (other than a Signature Update Alert, which is discussed separately), follow these steps:

  1. Click Alerts in the Alert Management section of the Navigation area. The Manage Alerts work pane is displayed as shown below:
    dc28943f-2aca-49b9-a930-8082bbd9cabd

  2. Select a server or server group for which you would like to configure the Alert.

  3. Click one of the Alert types: Virus Alerts, Spam Alerts, Filter Alerts, or File Filter Alerts (see below for Signature Update Alerts). The Update Alerts work pane is displayed.

    Note

    The Virus Alert report will be used as an example, however most Alerts are configured and run using the same basic steps. The Signature Update Alert is described separately.

    ddcfb307-55d8-493e-928c-574f59ae0b45

  4. Complete the following information:

    1. *Enable Alerts—*Choose what events should trigger a notification. You can configure the AEM to alert you if no viruses are detected during a specified period or if the number of viruses detected surpasses a certain threshold during a specified period.
    2. *Outbreak Settings—*This setting is used to notify the administrator when a virus outbreak has ended. Enter the length of time that the virus detection rate must be below the alert threshold after an alert has been triggered in order to consider the outbreak over.
    3. *E-mail Notification—*Enter the e-mail addresses of administrators and others who should receive the Virus Alert notifications.
    4. *SNMP Notification—*If you would like to receive SNMP Traps, enter the name of the server that should receive the notifications.

  5. Click the Save button to finish.

The Signature Update Alert

The Signature Update Alert alerts administrators about the success or failure of an engine signature update. To configure this alert, follow these steps:

  1. Click Alerts in the Alert Management section of the Navigation area. The Manage Alerts work pane will be displayed.
  2. Select a server or server group for which you would like to configure the Alert.
  3. Click the Signature Update Alerts button on the Alerts work pane. The Update Alerts work pane will open.
  4. Complete the following information:
    1. *Enable Alerts—*Check the appropriate check boxes to configure the AEM to send alerts upon the success of a signature update or the failure of a signature update.
    2. *E-mail Notification—*Enter the e-mail addresses of administrators and others who should receive the Signature Update notifications.
    3. *SNMP Notification—*If you would like to receive SNMP Notifications, enter the name of the server that should receive the notifications.
  5. Click the Save button to finish.