ESET Endpoint Security can automatically send notification emails if an event with the selected verbosity level occurs. In Advanced setup > User interface > Notifications > Desktop notifications > Forward to email section, enable Forward notifications to email to activate email notifications.
Forwarded notifications—Select which desktop notifications are forwarded to email.
From the Minimum verbosity for notifications drop-down menu, you can select the starting severity level of notifications to be sent.
- Diagnostic—Logs information needed to fine-tune the program and all records above.
- Informative—Records informative messages such as non-standard network events, including successful update messages, plus all records above.
- Warnings—Records critical errors and warning messages (for example, update failed).
- Errors—Errors (for example, Document protection not started) and critical errors will be recorded.
- Critical—Logs only critical errors (for example, Error starting antivirus protection, or Threat found).
Send each notification in a separate email—When enabled, the recipient will receive a new email for each notification. This may result in many emails received in a short period.
Interval after which new notification emails will be sent (min)—Interval in minutes after which new notifications will be sent to email. If you set this value to 0, the notifications will be sent immediately.
Sender address—Define the sender address displayed in the header of notification emails.
Recipient addresses—Define the recipient addresses displayed in the header of notification emails. Multiple values are supported. Use semi-colon as the separator.
Send method—You can choose sending emails via SMTP or via Microsoft 365 Outlook.
SMTP server—The SMTP server used for sending notifications (e.g. smtp.provider.com:587, pre-defined port is 25).
|
|
SMTP servers with TLS encryption are supported by ESET Endpoint Security.
|
Username and password—If the SMTP server requires authentication, these fields should be filled in with a valid username and password to access the SMTP server.
Enable TLS—Enable sending alert and notification messages supported by TLS encryption.
Test SMTP connection—Test email will be sent to recipient's email address. SMTP server, sender address and recipient addresses need to be filled in, username and password are optional.
Message format
Communications between the program and a remote user or system administrator are done via emails or LAN messages (using the Windows messaging service). The default format of the alert messages and notifications will be optimal for most situations. In some circumstances, you may need to change the message format of event messages.
Format of event messages—Format of event messages that are displayed on remote computers.
Format of threat warning messages—Threat alert and notification messages have a pre-defined default format. We advise against changing this format. However, in some circumstances (for example, if you have an automated email processing system), you may need to change the message format. Custom message format allows the use of HTML tgs to style and structure content.
Charset—Converts an email message to the ANSI character encoding based on Windows Regional settings (for example, windows-1250, Unicode (UTF-8), ACSII (7-bit), or Japanese (ISO-2022-JP)). As the result, "á" will be changed to "a" and an unknown symbol to "?".
Use Quoted-printable encoding—The email message source will be encoded to Quoted-printable (QP) format which uses ASCII characters and can correctly transmit special national characters by email in 8-bit format (áéíóú).
Keywords (strings separated by % signs) are replaced in the message by the actual information as specified. The following keywords are available:
- %TimeStamp%—Date and time of the event
- %Scanner%—Module concerned
- %ComputerName%—Name of the computer where the alert occurred
- %ProgramName%—Program that generated the alert
- %InfectedObject%—Name of infected file, message, etc
- %VirusName%—Identification of the infection
- %Action%—Action taken over infiltration
- %ErrorDescription%—Description of a non-virus event
The keywords %InfectedObject% and %VirusName% are only used in threat warning messages, and %ErrorDescription% is only used in event messages.
|
Microsoft Entra ID
Tenant ID—Send emails securely using your Microsoft 365 Outlook account via Microsoft Entra ID. Client ID is your Microsoft Entra ID directory ID.
Client ID—The application ID from your Microsoft Entra ID application registration. The registered application must be granted application permissions to send mail via Microsoft Graph, either through API permissions in Microsoft Entra ID or more granularly via RBAC for Applications in Exchange Online.
Authentication method—You can choose Client secret or Certificate with Private key.
- Client secret—The secret value generated in your Microsoft Entra ID application.
- Certificate—This certificate must be associated with the application registration (client ID) in Microsoft Entra ID and configured under Certificates & secrets.
Send test email—Sends a test email to verify server connection and authentication.
Message format
Communications between the program and a remote user or system administrator are done via emails or LAN messages (using the Windows messaging service). The default format of the alert messages and notifications will be optimal for most situations. In some circumstances, you may need to change the message format of event messages.
Format of event messages—Format of event messages that are displayed on remote computers.
Format of threat warning messages—Threat alert and notification messages have a pre-defined default format. We advise against changing this format. However, in some circumstances (for example, if you have an automated email processing system), you may need to change the message format. Custom message format allows the use of HTML tgs to style and structure content.
|
