Protection
Create a monitoring policy to monitor the Protection status of your devices with installed and activated supported ESET security products. (Optional) Include automatic action in a task to be performed based on the monitoring alert.
1.From the left-hand side menu, click Sites > All Sites and then select the desired site.
2.Click Policies.
3.Click the Create Policy button.
4.Type policy Name and Description.
5.Select policy Scope. If you select Site, confirm the desired site name in the search window below.
6.Select policy Type to Monitoring from the drop-down menu.
7.In the Monitors section, click the Add Monitor button.
8.In the Monitor Type section, click the Select button. In the Select a Monitor window, click the Select button next to Component.
9.In the Alert section, click the Select a Component Monitor button.
10. In the Device Monitor Components window, click the Select button next to the desired ESET Direct Endpoint Management - Monitor [XXX] component.
OS-specific components Select a desired operating system component: Windows [WIN], macOS [MAC] or Linux [LIN]. |
11. In the Configure the Monitor alert criteria for your monitor component, next to Variables, click the check box next to Protection only.
12. Select the User-Defined Field esetProductStatusUDF, esetProtectionStatusUDF, esetProtectDetailsUDF and esetThreatScanStatusUDF you previously configured in the User-Defined Fields from the drop-down menu by mapping the correct field line number.
UDF updates Selecting all User-Defined Fields ensures they are updated on each monitoring run. |
13. For the Execute the Component Monitor every (minutes), set the runtime interval in minutes. For example, every 5 minutes.
14. For the Raise an alert of priority, select the desired priority. For example, Critical.
15. For the Auto resolve the alert if it is no longer applicable, set the desired time interval. For example, After 1 day.
16. (Optional) You can configure automatic action as a task to be performed based on the monitoring alert. In the Response section, click the Run a Component toggle. In the Component Library window, click the Select button next to the desired ESET Direct Endpoint Management - Tasks [XXX] component.
OS-specific components Select a desired operating system component: Windows [WIN], macOS [MAC] or Linux [LIN]. |
17. Select the desired Task from the drop-down menu. Configure other task variables if necessary, overriding both global and site-specific variables.
Example response For the Protection monitoring alert, investigate the cause of the failed protection first. Configure the Onboard task to perform automatic installation and activation for any device without a supported ESET security product installed. |
18. (Optional) Click the Send an email toggle, to send an email alert to one or multiple recipients. Configure the email Subject line and Recipients.
19. (Optional) Click the Send a webhook toggle to send a notification When alert is triggered (by default) or When alert is resolved (optional). Configure the webhook URL, Content Type and the Alert raised payload.
20. Click Add Monitor.
Multiple monitors You can add other monitors to the same policy to perform additional actions. Click the Add Monitor button again. |
21. (Optional) In the Targets section, click the Add Target button to specify the target devices for this policy. By default this policy will run on all devices in the selected site (step 5), but you can specify targets further by selecting one of the options from the next window. For example, All Windows Desktops in the selected site.
Multiple targets You can add other targets to the same policy. Click the Add Target button again. |
22. (Optional) In the Enabled section click the Disabled button to disable the policy for now. The created policy is enabled by default.
23. Click the Save and deploy now button. In the next window click Confirm.
A short confirmation message, "Policy saved successfully", will appear.