I need an adjustment in my notifications.
Initially when we signed on with SEPM, we got a virus notification and then constant reminders. We didn't like having to go in an tell SEPM we were aware of the notifiction to turn off the period (hourly?) reminders.
So now we get a notifiction about a new risk alert. (I can check. I don't remember exactly). It's a new risk and something like a newly seen virus on that specific machine though. Two types of alerts.
But we only get the alert one time for a machine. (I think.) If the machine got reinfected with a virus it already had before, we wouldn't get an alert.
Additionally, a user recently notified us of instrusion detection popups he was seeing. We didn't get any alerts though. In that case, it was actually something we'd want to be aware of. There are constant brute force remote desktop logins going on though. I wouldn't care to know about those from SEP.
So I want to tweak the notifications a bit more. I want to know each time an actual virus appears on a machine. I want to know if a significant instrution is detected (not a bot trying passwords on remote desktop with each ip address for an hour or so before it gives up).
What would the settings be for that? I only need one alert too, not the first alert... second email to remind me... third email to remind me.... That set up was a nuisance.