Rules guide

A rule is defined using an XML-based language.

Rules are matched on the server. They are matched asynchronously, so there can be a small delay between when recent events are sent from the client to the server and when they are processed by rules. A matched rule triggers its associated actions and notifies a security engineer by raising a detection. The detection is displayed in the Detections view, but it is also exported to ESET PROTECT On-Prem (or SIEM), or an email can be sent automatically when the detection is triggered.

A link to the Rules Guide is available below the Syntax Reference on the right side.