Email Notifications
You can turn on email notifications on My OPSWAT Central Management to receive notifications when certain events occur. The notifications can be sent in HTML or JSON format.
Create a new email notification group
Note that you need to assign a notification group to a device group or to the account level before My OPSWAT Central Management can send out notifications.
Log into My OPSWAT Central Management console
Navigate to Settings > Notification Groups
Click Create New Group
Fill in required information
- Input the email notification group name
- Email format
- Input the email addresses that should receive notifications. Each email address should be on its own line.
- Select the events that trigger an email notification.
Choose a notification format.
Click Save and confirm your PIN if required to save changes.
- More information may be added into the email content for both HTML and JSON.
- The content in HTML format is only the main content of the notification. The full notification includes other static messages.
Manage email notification groups
- Log into My OPSWAT Central Management console
- Navigate to Settings > Notification Groups
- Click the trash can icon to remove a notification group if it's no longer needed.
- Click on a notification group if you want to view details or update that notification group.
Assign a notification group to the account
- Log into My OPSWAT Central Management console
- Navigate to Settings > Global > Notifications if you would like to apply it to the entire account, or to Inventory > Group > a specific endpoint group > Notification if you would like to apply it to a specific endpoint group
- Enable Notifications if you are configuring for a specific group
- Click Assign Notification Group
- Select the notification groups you would like to apply
- Click Save
Samples of email notifications
Admin logged on/off
Subject: [My OPSWAT Central Management] Admin logged on: First_Name (email@yourdomain.com)
Event: | Admin logged on |
---|---|
Admin Name: | <admin name> |
Admin Email: | <email> |
Details: | Admin logged on |
Time: | <date and time> |
{
"event": "Admin logged on",
"first_name": "First Name",
"last_name": "Last Name",
"email": "email@yourdomain.com",
"details": "Admin logged on",
"time": "Oct 02, 2017 10:39 AM (UTC)"
}
Device added
Subject: [My OPSWAT Central Management] Device added: LINCOLN7
Event: | Device added |
---|---|
Nickname: | LINCOLN7-172911119 |
Hostname: | LINCOLN7 |
User: | alice |
Device ID: | LINCOLN7 |
User Identity: | N/A |
MAC Address: | 19:03:f1:81:21:45 |
Time: | Oct 09, 2017 09:38 AM (UTC) |
{
"event": "Device added",
"device_id": "deviceIDxxxx",
"nickname": "WSEVN02",
"hostname": "WSEVN02",
"group_name":"San Francisco",
"user_identity": "",
"agent_type": "Managed",
"time": "Sep 29, 2017 04:56 AM (UTC)",
"user": "username",
"network_info": [{
"ipv4": "109.184.237.115",
"ipv6": "fe80::2d88:eab7:6001:6ec7",
"mac": "02:21:9b:06:4b:96"
}]
}
Device changed status to compliant
Subject: [My OPSWAT Central Management] Changed status to compliant: LINCOLN8
Event: | Device changed status to compliant |
---|---|
Nickname | <nick name> |
Hostname | <host name> |
User | <user> |
Details: | Device changed status to compliant |
Critical Issue | false/true |
Device ID | <device id> |
User Identity | <user identity> |
Group Name | <group name> |
MAC address | <mac address> |
Time | <time> |
{
"event": "Changed status to compliant",
"device_id": "deviceIDxxxx",
"nickname": "WSEVN02",
"hostname": "WSEVN02",
"group_name":"San Francisco",
"user_identity": "",
"agent_type": "Managed",
"time": "Sep 29, 2017 04:56 AM (UTC)",
"issue": {
"total_issue": 10,
"total_critical_issue": 3,
"total_warning_issue": 7
},
"user": "username",
"network_info": [{
"ipv4": "109.184.237.115",
"ipv6": "fe80::2d88:eab7:6001:6ec7",
"mac": "02:21:9b:06:4b:96"
}],
"details": [
{
"category": "AV",
"products": [{
"id": "a896b7b839ef62671314990f8d1d6794",
"name": "Microsoft Security Essentials",
"vendor": "Microsoft Corp.",
"version": "4.4.0304.0",
"issues": ["Real time protection is on", "Virus definitions were updated within the last 3 days", "A full system scan was run within the last week", "35 threats detected within the last week"],
"critical": 1
}]
},
{
"category": "repeated_threats",
"total": 1,
"threats": [{
"critical": 0,
"file": "C:\\Windows\\KMSEmulator.exe",
"scan_time": "2015-05-12T23:32:19Z",
"threat_name": "@ApplicUnwnt.Win32/HackKMS.A",
"repeat": 2,
"product_name": "ESET Endpoint Security",
"product_vendor": "ESET",
"product_version": "5.0.2211.0",
"severity": "0",
"action": "5",
"type": "0"
}]
},
{
"category": "running_processes",
"total": 1,
"threats": [{
"critical": 0,
"file": "C:\\ProgramData\\WindowsMangerProtect\\ProtectWindowsManager.exe",
"hash": "e152e3ea7c356cfed40306ff946233d0",
"link":" https://www.metadefender.com/#!/results/file/ZTE3MDkwMXJrb0c5UWFYUFktSHlnYjVIMGot/regular/analysis",
"scan_time": "2015-05-13T17:00:34Z",
"threat_name": "Generic6.WQW",
"details": [{
"threat_name": "ADWARE/ELEX.Gen",
"av_name": "ClamAV"
}]
}]
},
{
"category": "ip_suspicious",
"total": 0,
"threats": []
}
]
}
Device reported threats
Subject: [My OPSWAT Central Management] Daily malware found: LINCOLN8
Event: | Daily malware found |
---|---|
Nickname: | LINCOLN8 |
Hostname: | LINCOLN8 |
User: | username |
Details: | Threat detected: Trojan.Win32.Heur.Gen (View details on Metadefender Cloud) Path: c:\program files\avast software\avast\avastsvc.exe Detected by: K7, CYREN, Emsisoft, K7, NANO Threat detected: Trojan222.Win32.Heur.Gen (View details on Metadefender Cloud) Path: c:\program files (x86)\notepad++\plugins\poormanstsqlformatternppplugin\linqbridge.dll Detected by: CYREN, Emsisoft, K7, NANO, K7 |
Critical Issue: | true |
Device ID: | LINCOLN8 |
User Identity: | N/A |
MAC Address: | N/A |
Time: | Oct 09, 2017 10:13 AM (UTC) |
{
"event": "Device infection found",
"device_id": "deviceIDxxxx",
"nickname": "WSEVN02",
"hostname": "WSEVN02",
"group_name":"San Francisco",
"user_identity": "",
"agent_type": "Managed",
"time": "Sep 29, 2017 04:56 AM (UTC)",
"issue": {
"total_issue": 10,
"total_critical_issue": 3,
"total_warning_issue": 7
},
"user": "tle",
"network_info": [{
"ipv4": "109.184.237.115",
"ipv6": "fe80::2d88:eab7:6001:6ec7",
"mac": "02:21:9b:06:4b:96"
}],
"details": [
{
"category": "repeated_threats",
"total": 1,
"threats": [{
"critical": 0,
"file": "C:\\Windows\\KMSEmulator.exe",
"scan_time": "2015-05-12T23:32:19Z",
"threat_name": "@ApplicUnwnt.Win32/HackKMS.A",
"repeat": 2,
"product_name": "ESET Endpoint Security",
"product_vendor": "ESET",
"product_version": "5.0.2211.0",
"severity": "0",
"action": "5",
"type": "0",
"existing": 1
}]
},
{
"category": "running_processes",
"total": 1,
"threats": [{
"critical": 0,
"file": "C:\\ProgramData\\WindowsMangerProtect\\ProtectWindowsManager.exe",
"hash": "e152e3ea7c356cfed40306ff946233d0",
"link":" https://www.metadefender.com/#!/results/file/ZTE3MDkwMXJrb0c5UWFYUFktSHlnYjVIMGot/regular/analysis",
"scan_time": "2015-05-13T17:00:34Z",
"threat_name": "Generic6.WQW",
"details": [{
"threat_name": "ADWARE/ELEX.Gen",
"av_name": "ClamAV"
}]
}]
},
{
"category": "ip_suspicious",
"total": 0,
"threats": []
}
]
}
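For teams that route JSON-format notifications into a ticketing or SIEM pipeline, the following added example (not OPSWAT code) flattens one notification body into one record per reported threat. It assumes only the field names and time format shown in the samples on this page; `parse_time` and `flatten` are hypothetical helper names.

```python
import json
from datetime import datetime, timezone

# Constructed sample: trimmed from the "Device infection found" JSON on this page.
SAMPLE = r'''{
  "event": "Device infection found", "device_id": "deviceIDxxxx",
  "hostname": "WSEVN02", "group_name": "San Francisco",
  "time": "Sep 29, 2017 04:56 AM (UTC)",
  "issue": {"total_issue": 10, "total_critical_issue": 3, "total_warning_issue": 7},
  "details": [
    {"category": "repeated_threats", "total": 1, "threats": [
      {"critical": 0, "file": "C:\\Windows\\KMSEmulator.exe",
       "threat_name": "@ApplicUnwnt.Win32/HackKMS.A", "repeat": 2}]},
    {"category": "running_processes", "total": 1, "threats": [
      {"critical": 0, "hash": "e152e3ea7c356cfed40306ff946233d0",
       "threat_name": "Generic6.WQW",
       "details": [{"threat_name": "ADWARE/ELEX.Gen", "av_name": "ClamAV"}]}]},
    {"category": "ip_suspicious", "total": 0, "threats": []}
  ]
}'''

def parse_time(value):
    """Parse the sample time format, e.g. 'Sep 29, 2017 04:56 AM (UTC)'."""
    # %b is locale-dependent; this assumes an English/C locale.
    parsed = datetime.strptime(value, "%b %d, %Y %I:%M %p (UTC)")
    return parsed.replace(tzinfo=timezone.utc)

def flatten(body):
    """Return one flat record per threat in a JSON notification body."""
    msg = json.loads(body)
    issue = msg.get("issue", {})
    base = {"event": msg["event"], "device_id": msg.get("device_id"),
            "hostname": msg.get("hostname"), "group": msg.get("group_name"),
            "time": parse_time(msg["time"]).isoformat(),
            "device_critical": issue.get("total_critical_issue", 0) > 0}
    details = msg.get("details")
    # "details" is a plain string in admin events and a list in device events.
    if not isinstance(details, list):
        return []
    records = []
    for section in details:
        # Product sections (category "AV") carry "products", not "threats".
        for threat in section.get("threats", []):
            engines = [d.get("av_name") for d in threat.get("details", [])]
            records.append({**base, "category": section.get("category"),
                            "file": threat.get("file"), "hash": threat.get("hash"),
                            "threat_name": threat.get("threat_name"),
                            "engines": engines, "critical": bool(threat.get("critical"))})
    return records
```
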