You can turn on email notifications on My OPSWAT Central Management to receive notifications when certain events occur. The notifications can be sent in HTML or JSON format.
Create a new email notification group
Note that you need to assign a notification group to a device group or account level to let My OPSWAT Central Management to send out notifications
Log into My OPSWAT Central Management console
Navigate to Settings > Notification Groups
Click Create New Group
Fill in required information
- Input the email notification group name
- Email format
- Input the emails you would like to receive a notification to. Each email should be on it's own line.
- select events that trigger an email notification.
Choose a notification format.
Click Save and confirm your PIN if required to save changes.
- More information may be added into the email content for both HTML and JSON.
- The content in HTML format is only the main content of notification. The full notification includes other static messages.
Manage email notification groups
- Log into My OPSWAT Central Management console
- Navigate to Settings > Notification Groups
- Click the trash can icon to remove a notification group if it's no longer needed.
- Click on a notification group if you want to view details or update that notification group
Assign a notification group to the account
- Log into My OPSWAT Central Management console
- Navigate to Settings > Global> Notifications if you would like to apply for entire account or Inventory > Group> a specific endpoint group > Notification if you would like to apply for a specific endpoint group
- Enable Notifications if you are configuring for a specific group
- Click Assign Notification Group
- select notification groups you would like to apply
- click Save
Samples of email notifications
Admin logged on/off
Subject: [My OPSWAT Central Management] Admin logged on: First_Name (email@yourdomain.com)
| Event: | Admin logged on |
|---|---|
| Admin Name: | <admin name> |
| Admin Email: | <email> |
| Details: | Admin logged on |
| Time: | <date and time> |
{ "event": "Admin logged on", "first_name": "First Name", "last_name": "Last Name", "email": "email@yourdomain.com", "details": "Admin logged on", "time": "Oct 02, 2017 10:39 AM (UTC)",}Device added
Subject: [My OPSWAT Central Management] Device added: LINCOLN7
| Event: | Device added |
|---|---|
| Nickname: | LINCOLN7-172911119 |
| Hostname: | LINCOLN7 |
| User: | alice |
| Device ID: | LINCOLN7 |
| User Identity: | N/A |
| MAC Address: | 19:03:f1:81:21:45 |
| Time: | Oct 09, 2017 09:38 AM (UTC) |
{ "event": "Device added", "device_id": "deviceIDxxxx", "nickname": "WSEVN02", "hostname": "WSEVN02", "group_name":"San Francisco", "user_identity": "", "agent_type": "Managed", "time": "Sep 29, 2017 04:56 AM (UTC)", "user": "username", "network_info": [{ "ipv4": "109.184.237.115", "ipv6": "fe80::2d88:eab7:6001:6ec7", "mac": "02:21:9b:06:4b:96", }]}Device changed status to compliant
Subject: [My OPSWAT Central Management] Changed status to compliant: LINCOLN8
| Event: | Device changed status to compliant |
|---|---|
| Nickname | <nick name> |
| Hostname | <host name |
| User | <user> |
| Details: | Device changed status to compliant |
| Cirical Issue | false/true |
| Device ID | <device id> |
| User Identity | <user identity> |
| Group Name | <group name> |
| MAC address | <mac address> |
| Time | <time> |
{ "event": "Changed status to compliant", "device_id": "deviceIDxxxx", "nickname": "WSEVN02", "hostname": "WSEVN02", "group_name":"San Francisco", "user_identity": "", "agent_type": "Managed", "time": "Sep 29, 2017 04:56 AM (UTC)", "issue": { "total_issue": 10, "total_critical_issue": 3, "total_warning_issue": 7 }, "user": "username", "network_info": [{ "ipv4": "109.184.237.115", "ipv6": "fe80::2d88:eab7:6001:6ec7", "mac": "02:21:9b:06:4b:96", }], "details": [ { "category": "AV", "products": [{ "id": "a896b7b839ef62671314990f8d1d6794", "name": "Microsoft Security Essentials", "vendor": "Microsoft Corp.", "version": "4.4.0304.0", "issues": ["Real time protection is on", "Virus definitions were updated within the last 3 days", "A full system scan was run within the last week", "35 threats detected within the last week"], "critical": 1 }] }, { "category": "repeated_threats", "total": 1, "threats": [{ "critical": 0, "file": "C:\\Windows\\KMSEmulator.exe", "scan_time": "2015-05-12T23:32:19Z", "threat_name": "@ApplicUnwnt.Win32/HackKMS.A", "repeat": 2, "product_name": "ESET Endpoint Security", "product_vendor": "ESET", "product_version": "5.0.2211.0", "severity": "0", "action": "5", "type": "0" }] }, { "category": "running_processes", "total": 1, "threats": [{ "critical": 0, "file": "C:\\ProgramData\\WindowsMangerProtect\\ProtectWindowsManager.exe", "hash": "e152e3ea7c356cfed40306ff946233d0", "link":" https://www.metadefender.com/#!/results/file/ZTE3MDkwMXJrb0c5UWFYUFktSHlnYjVIMGot/regular/analysis", "scan_time": "2015-05-13T17:00:34Z", "threat_name": "Generic6.WQW", "details": [{ "threat_name": "ADWARE/ELEX.Gen", "av_name": "ClamAV" }] }] }, { "category": "ip_suspicious", "total": 0, "threats": [] } ]}Device reported threats
Subject: [My OPSWAT Central Management] Daily malware found: LINCOLN8
| Event: | Daily malware found |
|---|---|
| Nickname: | LINCOLN8 |
| Hostname: | LINCOLN8 |
| User: | username |
| Details: | Threat detected: Trojan.Win32.Heur.Gen (View details on Metadefender Cloud) Path: c:\program files\avast software\avast\avastsvc.exe Detected by: K7, CYREN, Emsisoft, K7, NANO Threat detected: Trojan222.Win32.Heur.Gen (View details on Metadefender Cloud) Path: c:\program files (x86) otepad++\plugins\poormanstsqlformatternppplugin\linqbridge.dll Detected by: CYREN, Emsisoft, K7, NANO, K7 |
| Critical Issue: | true |
| Device ID: | LINCOLN8 |
| User Identity: | N/A |
| MAC Address: | N/A |
| Time: | Oct 09, 2017 10:13 AM (UTC) |
{ "event": "Device infection found", "device_id": "deviceIDxxxx", "nickname": "WSEVN02", "hostname": "WSEVN02", "group_name":"San Francisco", "user_identity": "", "agent_type": "Managed", "time": "Sep 29, 2017 04:56 AM (UTC)", "issue": { "total_issue": 10, "total_critical_issue": 3, "total_warning_issue": 7 }, "user": "tle", "network_info": [{ "ipv4": "109.184.237.115", "ipv6": "fe80::2d88:eab7:6001:6ec7", "mac": "02:21:9b:06:4b:96", }], "details": [ { "category": "repeated_threats", "total": 1, "threats": [{ "critical": 0, "file": "C:\\Windows\\KMSEmulator.exe", "scan_time": "2015-05-12T23:32:19Z", "threat_name": "@ApplicUnwnt.Win32/HackKMS.A", "repeat": 2, "product_name": "ESET Endpoint Security", "product_vendor": "ESET", "product_version": "5.0.2211.0", "severity": "0", "action": "5", "type": "0", "existing": 1 }] }, { "category": "running_processes", "total": 1, "threats": [{ "critical": 0, "file": "C:\\ProgramData\\WindowsMangerProtect\\ProtectWindowsManager.exe", "hash": "e152e3ea7c356cfed40306ff946233d0", "link":" https://www.metadefender.com/#!/results/file/ZTE3MDkwMXJrb0c5UWFYUFktSHlnYjVIMGot/regular/analysis", "scan_time": "2015-05-13T17:00:34Z", "threat_name": "Generic6.WQW", "details": [{ "threat_name": "ADWARE/ELEX.Gen", "av_name": "ClamAV" }] }] }, { "category": "ip_suspicious", "total": 0, "threats": [] } ]}Was this page helpful?
