Documentation says that SMP can be used to alert when attacks are seen. I take "attacks" to mean any significant events that a SIEM would raise as an issue worthy of immediate investigation.
How do you configure this. I can only see events for SMP outages and high level SMP operations aspect - NOT attacks on a client box. I would like to get emails when certain thresholds are reached. Is this out of scope for SMP and should i be looking at R80?