Email notifications on Malware Detection

  • 30 November 2017
  • 7 replies

Userlevel 2
Badge +2
Hi Team,
I would like to submit a feature request: I believe it would be very beneficial when the portal administrator receives an email notification when Malware is detected on one of the registered devices. Now the administrator has to go to the portal (daily) to manually check the health status of the registered devices. Of course the users are notified locally on their device (via popup and suggestion to remediate), but we all know that most users don't care and will certainly not notify their administrator that Malware was detected and removed.

7 replies

Userlevel 4
Badge +16
Sounds like a good idea - hopefully they can add something along those lines at some point.  As an alternative, have you considered creating a scheduled report for "Threat Detection Summary" (last 24 hours) to be emailed to you daily? 
Another option would be to pull threat detection information from GSM using the API (as described here).  It's not as bad as it sounds - I posted some PowerShell examples over in the API section of the forum.  Once you have a script that outputs what you want, you can run it whenever you want.  I've been cranking-away at various auditing scripts lately: if this sounds like something that'd be helpful let me know and I'd be happy to whip something up!
Userlevel 6
Badge +24
Maybe I am missing something, but you can configure alerts at the global level in the GSM console by going to Global Settings -> Alerts Tab, and adding an alert with the type being "Threat Detected".  You can modify the content and also create distribution lists.  I have a global alert set for threats detected, and I also have a few, more proactive, client sites that I have also configured site specific alerts for.
Userlevel 2
Badge +2
Hi Jcail,
Thanks for the tip, but I do not have this option in my console. I might not have the GSM console, not sure, but I manage 3 Webroot environments and only have the option to switch between environments (also very cumbersome) and change my account settings. Nothing like an Alerts Tab.
Userlevel 7
Badge +35
We appreciate your suggestion and have taken it into consideration. We are working on a complete transformation of the alerts and reporting functionality, which we are currently planning to release towards the end of 2018. Once that update has been rolled out, we will look forward to hearing your thoughts on the new functionality. Thank you!
I agree with the others. We purchased our licenses from a reseller so there is no global admin console, I assume that company has global access and our company only has a "local" console. We desperately need a notification when malware is detected as having to check the console daily should not be necessary and can easily be overlooked.
Userlevel 1

I have been trying to figure out how to do this and found this thread.  Is this really not a capability of the program?  All I want is for an alert to be generated/emailed if a virus is found.  😥

You can also configure Endpoint Protection alerts in Microsoft Configuration Manager to notify administrative users when specific events, such as a malware infection, occur in your hierarchy. Notifications display in the Endpoint Protection dashboard in the Configuration Manager console in the Alerts node of the Monitoring workspace, or can be emailed to specified users.