Can I customize ProxyAV alert messages?


<< Back to Knowledge Search

Solution

Overview

Yes, you can modify alert messages from the Advanced > Messages tab on the ProxyAV Management Console.

Each alert message contains information about the event that triggered the message. In the Customize Messages table, you can specify the information that is included in each type of alert.

The first three columns-Protocol, Event, and Command Type-define each type of event.
The Alert column defines the information included in the alert that is logged or sent through e-mail to the administrator.
The Substitute column defines the text that is substituted for the original data. For example, for HTTP downloads, the ProxyAV appliance replaces the entire infected file with the substitute text.

These alerts are not the exceptions displayed to the user. To customize those, you'll need to edit the ProxySG exception page.

Autotext keywords can be used in the Alert and Substitute messages to get contextual information about the event into the messages:

- Click Modify to open the Message screen. The first few fields provide information about the event.
- Under State, the default is to use the default message. Click Custom to alter or annotate the message and character set.
             

                The following keywords may be used:
                %CLIENT: The client IP address.
                %ACTION: The action that was performed (file passed/dropped).
                %URL: The URL from which the file was downloaded.
                %VIRUS: The virus or potentially unwanted software (PUS) name.
                %REASON: Why the event occurred. For example, why was the file scanned?
                %MACHINENAME: The name of the ProxyAV appliance.
                %MACHINEIP: The ProxyAV appliance IP address.
                %HWSERIALNUMBER: The ProxyAV appliance serial number.
                %PROTOCOL: The scanned protocol.
                %APPNAME: The application name (ProxyAV).
                %APPWEB: The application vendor Web address.
                %APPVERSION: The application version.
                %AVVENDOR: The AV vendor.
                %AVENGINEVERS: The AV engine version.
                %AVPATTERNVERS: The AV pattern version.
                %AVPATTERNDATE: The AV pattern date.
                %TIMESTAMP: The time the event occurred.
                %ADMINMAIL: The administrator mail address.
                The % character always precedes the tag name. Capitalization is also important; do not use lowercase variable names.


- Click Save Changes.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1831
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      08/25/2015
Last Published      08/25/2015
Article Audience
Software      ProxyAV 3
Topic      Configuration / WUI / CLI, Errors / Event Logs / Alerts, Installation / Configuration, Upgrade / Maintenance
Article Number      000008313
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat