Configure the alerts settings Skip Navigation

Configure the alerts settings

  1. From the
    Application Settings
    dialog, click the
    Alerts
    tab.
  2. In the
    Detection Threshold
    section, set the range for the
    CylanceINFINITY
    score for abnormal files. Increasing or decreasing the threshold for abnormal files also affects the ranges for safe and unsafe files. Enter a number between 0.00 and 0.95, or use the slider to change the range.
  3. In the
    Syslog (Watcher Only)
    section, you can enable the
    Send unsafe file detection events to syslog server
    checkbox to configure server settings to have unsafe file detection events sent to a syslog server.
  4. If you have enabled
    Send unsafe file detection events to syslog server
    , specify the following:
    • In the
      Server
      field, enter the IP address for the syslog server.
    • In the
      Port
      field, enter the port number for the syslog server.
    • In the
      Facility
      field, select the Syslog facility from the drop-down List. The Syslog facility is an information field in the syslog message to provide a general idea of what part of the system the message originated from.
    • In the
      Severity
      field, select the event to log from the drop-down list. For example, Selecting
      Emergency (0)
      results in only severe events being logged, while selecting
      Debug (7)
      means all events are logged. The more information added to the log file, the larger the log file could get, depending upon the number of events. Enabling debug logging will result in the largest log files.