You will be able to add SMTP email addresses for each of the notifications listed in
the work pane, as well as customize the individual subject and body fields. If you do
not want a specific type of notification to be sent, you can also disable it by selecting
the notification name and clicking the Disable button.
TIP
To access other keyword variables when customizing the notification message,
right-click in the field and highlight Paste Keyword. You will see a listing of
all available keywords that will provide additional information to the recipient.
Incidents
The incidents section (see Figure 6.10) provides a historical look at the files that
triggered an alert during a scan. The work pane has the name of the scan job that
generated the alert along with the location, specific file, the triggering event, and
specifics about the author of the file and who last modified the file. Analyzing this
data will enable the Forefront administrator to quickly identify a threat to the server
with detailed information about the source of the incident.
The option to purge the logs after a set number of days allows you to keep the
incidents database maintained for quick queries. Filtering the results will allow
you to focus your search on specific areas, which will aid in determining who may
be infecting the server. All files that were flagged will show up in the incidents list,
whether they were flagged for a virus, keyword violation, or file type violation.