nagaraja_cs
Contributor

Can we configure mail alerts if the Endpoint Client detects or prevents any malware file?

Hi Team,

We have a Sandblast Agent installed.

We want to set up a mail alert if the user downloads any malicious file.

Is it possible to configure?

0 Kudos
1 Solution

Accepted Solutions
RS_Daniel
Advisor

Hi,

We opened a case for this, and TAC helped us to create notifications with Threat Hunting, so just possible for EPMaaS. Received mails are in my opinion better than SmartEvent mails. One advantage: you can create a mail notification for any possible query. Steps to configure these mail notifications:

  1. Go to threat hunting menu, and choose “notifications” tab
  2. Enter the recipients list
  3. Create the required query (if you just want to alert on new detections, your query would be “detection event EXISTS”)
  4. Create a shared bookmark for that query and check the “email” checkbox


10 Replies
nagaraja_cs
Contributor

Hi Team,

Is this requirement possible?

0 Kudos
Adrian_Platero
Explorer

I'm also interested in this thread. I configured alerts in SmartEndpoint, but these alerts don't notify on detect or prevent actions, just if the computer is still infected.

I also did the steps of sk165614 but I didn't receive mails for detects or prevents, only received alerts for successful endpoint updates or started/finalized/stopped scans and other things...

Any guide to configure mail alerts for detects or prevent malware?

Thx

0 Kudos
Kobie_Bendalak
Employee Alumnus

@Adrian_Platero You are right, the SmartEndpoint OR Web alerts provide laconic information at this time; and not "crunched" information as you would expect.

We are working hard on extending it, and in the near future, you'll be able to gain more information out of these alerts.

As for the sk165614 configuration; at this time we have a limitation around it - but we are aiming to solve this issue soon.

I suggest you open a TAC ticket to have their assistance in configuring it; you may send me the ticket and I'll help you in escalating it quickly.

0 Kudos
Adrian_Platero
Explorer

@Kobie_Bendalak Thank you!

I just opened a TAC ticket.

0 Kudos
Trey
Contributor

@Kobie_Bendalak ,

Has there been any progress on Web alerts? We have a new, large customer who is asking for this.

Thanks!

Kevin_T600
Contributor

Any update on this? We are looking to specifically get notified when a machine is infected. Thank you

0 Kudos
Julian_Sanchez
Collaborator

Hello guys, 

We have SBA Cloud and we are trying to configure the alerts too. Can anyone configure this? I have errors with the configuration.

0 Kudos
Kobie_Bendalak
Employee Alumnus

@Julian_Sanchez Please raise a TAC ticket and share the number w/ me; if possible also attach a few screenshots to speed up the process.

0 Kudos
Ted_Serreyn
Collaborator

I have been asking for this feature type for quite a while.  In our case complicated by separate endpoint and management on premise.

0 Kudos
