Here are some tips to hopefully get you started with setting up alerting on AV.
1) Create a new Alert ruleset in the 32bit console and give it a name.
2) Right click on the new ruleset and choose edit.
3) On the left click on alerts. This will populate the list in the center. Left click on LANDesk Antivirus (found in the standard folder).
4) On the right you will see all the different AV alerts populate. At this point choose what you want to be alerted on. Drag each desired one down to the alerts well at the bottom.
5) Next you need to configure an email alert. Left click on actions on the upper left, then choose send email, then create a new email action. Make sure you enter in a valid to and from and SMTP server. In the body of the message you can put in variables:
%D - Description of the event.
%S - Severity of the event.
%N - Name of affected node.
%T - Time of event.
Drag it down to your well when done.
Note: there have been changes from 8.7 to 8.8 for sendmail, so if you do have problems with the email not sending, post a response and I'll give you the details. There is just a lot that goes into it.
6) Then click on Time in the upper left and drag down Always or any desired timeframe.
7) Click ok at the bottom and then publish on the right. Close the ruleset flexconsole.
8) Now deploy this ruleset by right clicking on it and creating a task to deploy the ruleset. Deploy to the appropriate machines with AV agents on them.
That is exactly the help I needed
What is also quite cool is to set a threshold for a virus "outbreak". If you have 5000 devices, then it might be normal to get 10 viruses a day, and you don't necessarily want to know about them, but you might want to know if you suddenly have 20 viruses detected in 60 minutes - that would be an outbreak and worth worrying about. There is a threshold you can define for this, and a different alert. Might make life easier....
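The outbreak threshold described in the post above, sketched as a sliding-window check. This is an added example, not part of the thread and not LANDesk code; it assumes detections are available as (time, node) pairs like the %T and %N alert variables, and the sample events and node names are constructed.

```python
from collections import deque
from datetime import datetime, timedelta


def find_outbreaks(events, threshold=20, window=timedelta(minutes=60)):
    """Return (time, detections_in_window, distinct_nodes) each time the number
    of detections in the trailing window first reaches the threshold."""
    recent = deque()          # detections still inside the trailing window
    alerts = []
    in_outbreak = False       # suppress repeat alerts while the count stays high
    for ts, node in sorted(events):
        recent.append((ts, node))
        # Drop detections that have aged out of the window.
        while recent[0][0] <= ts - window:
            recent.popleft()
        if len(recent) >= threshold:
            if not in_outbreak:
                nodes = {n for _, n in recent}
                alerts.append((ts, len(recent), len(nodes)))
                in_outbreak = True
        else:
            in_outbreak = False
    return alerts


# Constructed sample data: 10 routine detections spread over one day,
# plus a burst of 20 detections two minutes apart starting at 14:00.
BASE = datetime(2024, 1, 1)
BACKGROUND = [(BASE + timedelta(minutes=144 * i), f"node-{i:04d}")
              for i in range(10)]
BURST = [(BASE + timedelta(hours=14, minutes=2 * i), f"node-9{i:03d}")
         for i in range(20)]
SAMPLE_EVENTS = BACKGROUND + BURST

if __name__ == "__main__":
    for when, count, nodes in find_outbreaks(SAMPLE_EVENTS):
        print(f"OUTBREAK at {when:%H:%M}: {count} detections on "
              f"{nodes} nodes in the last 60 minutes")
```

The routine detections alone never trigger it; only the burst does, and it alerts once rather than on every detection after the threshold is crossed.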
Good to know!
Fortunately, I don't have nearly that many nodes to worry about.
I'm paranoid enough, so I'd like to know if anything gets infected.