This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Email Alerting

Hello

 

First im not quite sure where to log this as we are using sophos av consol and have configured Sophos for our endpoints Messaging - Email Alerting for everything except other Errors.

Im seeing that we get the emails through for macs either when the malware has been cleaned up or not, but for PC's it seems to be abit hit or miss whether we get an email notification.

For example today i saw that an endpoint recieved a threat called MAL/FakeAvJs-A that was automatically cleaned up (i checked this in the sophos logs).

There was no email notification of this sent out.

 

Any ideas as to why some alerts get generated and some not?

 

Thanks



This thread was automatically locked due to age.
Parents
  • Hello mark salmon,

    not quite sure where to log this
    if it's
    a licensed product it's not Home, could be Endpoint or Central (perhaps UTM).

    Anyway, you did see (in the AV log/SAV.txt) a reference to a file in the file system and a subsequent Cleaned up? In this case you should get a notification AFAIK. Please note that for threats blocked by Download scanning you don't get an alert as the threat never made it on the machine. Could you perhaps post the relevant lines from the AV log?

    Christian

  • Morning 

    here are the details from the log

    20161206 121333 Access to location "breach-14xz3j.pw/virus.dill" was blocked for user
    20161206 121333 Virus/spyware 'Mal/FakeAvJs-A' has been detected at "breach-14xz3j.pw/virus.dill"
    20161206 122128 Using detection data version 5.33 (detection engine 3.64.3). This version can detect 12258828 items.

     

    Im unable to see if this came from a website url , im guessing so which why we may not have been alerted.

     

Reply
  • Morning 

    here are the details from the log

    20161206 121333 Access to location "breach-14xz3j.pw/virus.dill" was blocked for user
    20161206 121333 Virus/spyware 'Mal/FakeAvJs-A' has been detected at "breach-14xz3j.pw/virus.dill"
    20161206 122128 Using detection data version 5.33 (detection engine 3.64.3). This version can detect 12258828 items.

     

    Im unable to see if this came from a website url , im guessing so which why we may not have been alerted.

     

Children