Enabling or Disabling ATI Alert Updates for Notifications

You can enable or disable Advanced Threat Intelligence (ATI) alert updates for notifications through HTTP and email protocols.

Rsyslog and SNMP protocols are not supported.

When you enable ATI alert updates for notifications, notifications will be sent for events with threat intelligence on Malware Analysis appliances. When you disable ATI alert updates for notifications, notifications will not be sent for events with threat intelligence on Malware Analysis appliances. When ATI alert updates are enabled, notifications will not be sent for alerts with threat intelligence that were detected more than 90 days ago. If multiple alerts match the same ATI event triggered on the appliance, notifications will be sent only for the first three alerts per day. For detailed information about ATI, see Enabling or Disabling ATI Alert Updates for Notifications Using the CLI.

ATI alert updates for notifications are configured only using the CLI. This feature is disabled by default.

Prerequisites

• The Malware Analysis appliance must have an established connection to the Internet.
• Administrator or Operator access to the Malware Analysis appliance