ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Endpoint Protection Manger's Single risk event alert notification caveats
Article ID: 237565
Updated On:
Products
Endpoint Protection
Issue/Introduction
Symantec Endpoint Protection Manger's (SEPM) Single risk event alert notification caveats.
Cause
This is by product design.
Environment
SEPM 14.3.x
Resolution
SEPM send's Single Risk Alert notification for below categories only and does not trigger notification for all the detection categories.
This is expected behavior by current product design.
- Virus found
- Security Risk Found
- Compressed File
As a security best practices, SEPM administrators are advised to refer SEPM Risk logs to review all detection events happened across the endpoint's on network.
Additional Information
A notification for "New Risk Detected" will trigger only once when a risk is first logged in the SEPM. Any subsequent detection will not trigger notification irrespective of damper settings.
This is by design.
New Risk Detected Notification
Feedback
Yes
No
Powered by
