rule is named VirusDetected_<groupname>, where <groupname> is the name of the
group as it appears in the System Tree (for example, VirusDetected_Subgroup2c).
Figure 29: System Tree for Notification Scenarios
Scenario one
For this scenario, 100 virus detections are detected in Subgoup2C within 60 minutes in a single
day.
Conditions of the rules VirusDetected_Subgroup2C, VirusDetected_Group2, and
VirusDetected_MyOrganization are met, sending notification messages (or launching
registered executables) per the rules’ configurations.
Scenario two
For this scenario, 50 virus detections are detected in Subgroup2C and 50 virus infections are
detected in Subgroup3B within 60 minutes in a single day.
Conditions of the VirusDetected_MyOrganization rule are met, sending notification messages
(or launching registered executables) per the rules’ configurations. This is the only rule that
can be applied to all 100 events.
Sending Notifications
Notifications and how it works
McAfee ePolicy Orchestrator 4.0.2 Product Guide
154