Review Alerts
When endpoints identify malware, they create alerts which are sent back to the Endpoint Security Server. If the AntiVirus engine has identified malware on the endpoints and has been unable to clean it, alerts are sent up the server immediately as prompt action may be required. However, if the engine has already cleaned and/or has quarantined the file or deleted the file, the AntiVirus module waits until the scan has been completed before sending up the alerts. This is done to minimize the number of messages being sent for unimportant events.
When the alerts are returned to the server, they can be viewed on the Centralized Alerts page. On this page, the endpoints are grouped into categories of:
- Not Cleaned
- Quarantined
- Cleaned
- Deleted