ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Endpoint Protection Manger's Single risk event alert notification caveats

book

Article ID: 237565

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection Manger's (SEPM) Single risk event alert notification caveats.

Cause

This is by product design.

Environment

SEPM 14.3.x

Resolution

SEPM send's Single Risk Alert notification for below categories only and does not trigger notification for all the detection categories.

This is expected behavior by current product design.

  • Virus found
  • Security Risk Found
  • Compressed File

 

As a security best practices, SEPM administrators are advised to refer SEPM Risk logs to review all detection events happened across the endpoint's on network.

Additional Information

A notification for "New Risk Detected" will trigger only once when a risk is first logged in the SEPM. Any subsequent detection will not trigger notification irrespective of damper settings.

This is by design.

New Risk Detected Notification