Creating Rules; Viewing The History Of Notifications - McAfee EPOLICY ORCHESTRATOR 3.6 - WALKTHROUGH GUIDE Manual

System protection, a product overview and quick set up in a test environment version 3.6
ePolicy Orchestrator
3.6 Walkthrough Guide

ePolicy Orchestrator Notifications

Table 6-1 Default notification rules

| Rule name | Associated events | Configurations |
|---|---|---|
| Virus Detected and Not Removed | Virus detected and not removed events from any product. | Sends a notification message: when the number of events exceeds 1000 within an hour; at most, once every two hours; with the source system IP address, actual threat names, and actual product information, if available. |
| Virus Detected (Heuristics) and Not Removed | Virus detected heuristics and not removed events from any product. | Sends a notification message: when the number of events exceeds 1000 within an hour; at most, once every two hours; with the source system IP address, actual threat names, and actual product information, if available. |
| Repository update or replication failed | Repository Update or Replication Failed events. | Sends a notification message when any events are received. |
| Non-compliant Computer Detected | Non-compliant computer detected events. | Sends a notification message: when any events are received; once per each rule of the Compliance Check server task. (This task sends one event per each of the four rules associated with the Compliance Check server task.) |

Creating rules

Creating a rule is a four-step process:
1 Describe the rule — Naming the rule and defining the level of the Directory to which it applies.
2 Set filters for the rule — Specifying the products, event categories, and any threat names that apply to the rule.
3 Set thresholds of the rule — Defining the aggregation and throttling of the rule.
4 Configure the notifications for the rule — Defining the messages you want sent, their delivery type, and any executables you want to run when the rule's conditions are met.
For complete instructions, see the ePolicy Orchestrator 3.6 Product Guide.

Viewing the history of Notifications

This feature allows you to view the history of notifications sent. You can view a collective summary of all notifications sent, by product or category, or a list of all the specific notifications sent.
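How the aggregation and throttling settings of the default virus rules in Table 6-1 interact, as an added example that is not taken from the guide or from ePolicy Orchestrator. The sliding one-hour window, the class and function names, and the sample timestamps are assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class NotificationRule:
    """Model of a rule's thresholds (assumed semantics, not ePO's own code)."""
    threshold: int = 1000      # aggregation: event count must exceed this...
    window_s: int = 3600       # ...within one hour (sliding window is an assumption)
    throttle_s: int = 7200     # throttling: at most one message every two hours
    _events: deque = field(default_factory=deque)
    _last_sent: Optional[float] = None

    def on_event(self, ts: float) -> bool:
        """Record an event at time ts (seconds); True if a notification is sent."""
        self._events.append(ts)
        # Discard events that have aged out of the aggregation window.
        while self._events[0] <= ts - self.window_s:
            self._events.popleft()
        if len(self._events) <= self.threshold:
            return False       # aggregation threshold not exceeded
        if self._last_sent is not None and ts - self._last_sent < self.throttle_s:
            return False       # suppressed by throttling
        self._last_sent = ts
        return True


def notification_times(rule: NotificationRule, timestamps) -> list:
    """Replay event timestamps in order; return when notifications fire."""
    return [ts for ts in sorted(timestamps) if rule.on_event(ts)]


# Constructed sample: sustained outbreak, one event per second for five hours.
OUTBREAK = [float(t) for t in range(5 * 3600)]
# Constructed sample: exactly 1000 events spread over one hour (does not exceed).
QUIET = [t * 3.6 for t in range(1000)]

if __name__ == "__main__":
    print(notification_times(NotificationRule(), OUTBREAK))
    print(notification_times(NotificationRule(), QUIET))
```

Under these assumptions a five-hour outbreak of 18,000 events produces three messages, which is worth knowing when estimating how long an unremoved infection can keep generating events between notifications.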
