Configure the alerts settings
- From theApplication Settingsdialog, click theAlertstab.
- In theDetection Thresholdsection, set the range for abnormal files. Increasing or decreasing the threshold for abnormal files also affects the ranges for safe and unsafe files. Enter a number between 0.00 and 0.95, or use the slider to change the range.
- In theSyslog (Watcher Only)section, you can enable theSend unsafe file detection events to syslog servercheckbox to configure server settings to have unsafe file detection events sent to a syslog server.
- If you have enabledSend unsafe file detection events to syslog server, specify the following:
- In theServerfield, enter the IP address for the syslog server.
- In thePortfield, enter the port number for the syslog server.
- In theFacilityfield, select the Syslog facility from the drop-down List. The Syslog facility is an information field in the syslog message to provide a general idea of what part of the system the message originated from.
- In theSeverityfield, select the event to log from the drop-down list. For example, SelectingEmergency (0)results in only severe events being logged, while selectingDebug (7)means all events are logged. The more information added to the log file, the larger the log file could get, depending upon the number of events. Enabling debug logging will result in the largest log files.