{"id":426,"date":"2012-09-23T16:15:53","date_gmt":"2012-09-23T14:15:53","guid":{"rendered":"http:\/\/sccmfaq.wordpress.com\/?p=426"},"modified":"2012-09-23T16:15:53","modified_gmt":"2012-09-23T14:15:53","slug":"sccm-2012-maware-detection-e-mail-alert","status":"publish","type":"post","link":"https:\/\/blog.hosebei.ch\/?p=426","title":{"rendered":"SCCM 2012 – Malware detection E-Mail Alert"},"content":{"rendered":"

In System Center 2012 Configuration Manager, it is easy to configure a E-Mail Alert, when malware is recognized on a system which is protected by System Center Endpoint Protection.<\/p>\n

Your first step, is to configure a proper connection to send the E-Mail. Navigate to your Central Administration or Primary Site, and\u00a0open Configure Site Components to chose Email Notification:
\n\"\"<\/a>Configure your settings and send a Test-Mail:
\n\"\"<\/a>If you received the Test-Mail, go further, and configure alerting on Collections, open properties for the collection where you want to get a mail, when malware is found:
\n\"\"<\/a>After this step, you can configure the conditions, but in this case, i just used standard values. By clicking on OK, the alerting is possible, but not activated yet. To do this, click on Monitoring, and open the tree “Alerts”, chose “Create Subscripton, to active your Email Alert:
\n\"\"<\/a>The Wizard appears, and have to select your Malware Alert previous generated. As you might see, you can configure the subscription for more than only one address:
\n\"\"<\/a>So, but now, I would like to test, if it’s really works. No worries, just before you download a real virus, just take the eicar,\u00a0a Test Malware from the Microsoft recommended website (http:\/\/www.microsoft.com\/security\/portal\/Threat\/Encyclopedia\/Glossary.aspx#e<\/a>):
\nhttp:\/\/www.eicar.org\/86-0-Intended-use.html<\/a><\/p>\n

When you try to run the file, shortenly after, you will receive your email, and you can check your SCEP Log:
\n\"\"<\/a>I hope this helps.<\/p>\n","protected":false},"excerpt":{"rendered":"

In System Center 2012 Configuration Manager, it is easy to configure a E-Mail Alert, when malware is recognized on a system which is protected by System Center Endpoint Protection. Your first step, is to configure a proper connection to send the E-Mail. Navigate to your Central Administration or Primary Site, and\u00a0open Configure Site Components to […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,18,19],"tags":[],"class_list":["post-426","post","type-post","status-publish","format-standard","hentry","category-configmgr","category-endpoint-protection","category-general"],"_links":{"self":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts\/426","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=426"}],"version-history":[{"count":0,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts\/426\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=426"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=426"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=426"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}