Malwarebytes OneView notifies you when events occur, such as when a vulnerability is found, a patch is available, or a patch is installed on endpoints. Use the Notifications settings to choose which alerts you want to receive. For more information on all notifications, see Set up notifications in Malwarebytes OneView.
Set up notifications
- On the left menu, expand Settings, then click Notifications.
- Click the Add notification icon to set up a new OneView notification.
- On the General page, enter your Notification name and Description.
- Click Next.
- On the Category page, select Endpoint agent activity.
- Select Software update, Patch applied, or Patch available.
- Then click Next.
- On the Conditions page, select your Sites and Conditions. Click the add or delete button on the right side to add or remove a condition. See the Conditions table below for more information.
- Click Next once conditions are selected.
- On the Delivery page, click Enable aggregation if you want to group multiple alerts into a single notification. If enabled, select your Interval and Grouped by options.
- Select Email or Call Webhook for your notification delivery method.
- Enter a notification subject in the Subject line, or enter your Webhook URL.
- Select available email recipients in the drop-down menu, or enter additional email recipients to receive notifications.
Note: Selected recipients will receive notifications for all sites added on the conditions page, even if the user is not assigned to the site in OneView.
- Select the notification tiles for the content you want the email or webhook notification to contain. See the Delivery table below for more information.
- Click Complete to finish setting up the notification.
Categories and conditions
This table provides details on all available notification categories and conditions for Vulnerability and Patch Management in OneView.
Endpoint agent activity
When selected, notification tiles add endpoint system details, software information, and vulnerability and patch reports to the notification. The following notification tiles are available:
|Application name|Detected application name with the vulnerability or required update.|
|Category|Type of patch available to install on the endpoint.|
|Description|Description of the available update or patch.|
|Endpoint name|Host name of the endpoint that is vulnerable or has software available.|
|Identified date|Date the available patch was detected on the endpoint.|
|KB ID|Knowledge base ID of the patch.|
|OS platform|Operating system type of the endpoint.|
|OS version|Operating system version number of the endpoint.|
|Patch applied date|Date the patch was applied on the endpoint.|
|Patch title|Name of the available patch on the endpoint.|
|Update applied date|Date the software update was applied on the endpoint.|
|Updated version|Version of the applied update on the endpoint.|
|Reboot required|Reboot status if required on the endpoint.|
Severity level of the detected vulnerability or required patch. Severity levels are:
|Vendor name|Vendor name of the installed software that is vulnerable or requires a patch update.|
|Vulnerability Identified date|Date the vulnerability was detected on the endpoint.|