Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Way to limit # of email alerts per PC using Alert Manager?

Status
Not open for further replies.
AnotherITguy

AnotherITguy

MIS
Sep 16, 2003
76
0
0
US
Hello All,


I'm in the process of testing Alert Manager v4.7 and I'm configuring the clients to email the admin staff when a virus is detected. The concern I have is that at times the database has listed 500+ incidents from one machine in just a few hours (Nachi was bouncing back and forth between two machines...their virus DATs were up to date, but the security holes were not patched). We have 6 admins here and if each of them are receiving email alerts that would add up to 3000 emails in just a few hours. Is there some way to configure Alert Manager so that it will only email one time per machine per day or something like that? That sounds confusing, what I'm trying to say is that I would like to have it configured so that if PC "A" gets infected, I only want one email about it per day even if it gets infected by another virus or whatever. From the first email I'll already be advised that attention is needed for that PC... Anyone?


Thanks,


Jay
 
Sort by date Sort by votes
That would be great, but say you have a virus outbreak happening at the moment and you only receive ONE ALERT, you won't have an idea of the magnitude of the infection until much later.

AVChap
... been there, done that, made that mistake too, see where I am now.
 
Upvote 0 Downvote
AVChap - Thanks for the reply!


My thought is that if PC "A" tells me it's infected, fine I'll go service it as needed ASAP -I don't need to hear about 500 times. If an outbreak happens I would like to think it would become apparent if multiple machines start emailing me, even if it's only one email per PC... Just my thoughts...

Thanks again,


Jay

 
Upvote 0 Downvote
As I said, if you only get one alert per PC, it would cloud your judgement as to whether you'll service it immediately (it's only one infection right? :)) but if you get a lot, then it would require more attention.

Just my 2cents worth.

AVChap
... been there, done that, made that mistake too, see where I am now.
 
Upvote 0 Downvote
I think this is a valid question. It's not a case of 'not realising' when an outbreak in present... I personally don't want the Nachi virus to cause McAfee to hammer my SMTP server with thousands of emails!

This happened to me and our SMTP server crashed because McAfee on 200 computers kept sending emails to the administrators. An 'Outbreak' email that states how many infecteds it detected would be much better.

-=L9NUX=-

-= There's no place like 127.0.0.1 =-
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

2
  • Question
Loss of my privacy
Replies
0
Views
75
27Astrid
2
Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
148
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
149
Johnkite
Johnkite
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
125
nnaarrnn
nnaarrnn
Shmid
  • Locked
  • Question
Hi We´re thinking of enabling Ac
Replies
0
Views
98
Shmid
Shmid

Part and Inventory Search

Sponsor

Back
Top