You can create and configure alerts of the following types:
Alert Type |
Description |
---|---|
File Activity: Propagating File |
A locally unapproved file appears on more than a percentage of computers for the policies and time period you specify. If you are not operating in High Enforcement, propagating files can indicate a spreading virus. |
File Activity: Blocked File |
The same file is blocked on more than a specified percentage of computers for the policies and time period you specify. |
Baseline Drift Alert |
Baseline drift of files reaches the specified threshold. |
File Prevalence Alert |
A specified file is present on more than a specified number of computers. |
Event Alert |
Specified events occur, or a specified event rule is triggered, more than a threshold number of times in the specified time period. |