此監視會將 Configuration Manager 重複的惡意程式碼偵測警示轉寄到 Configuration Manager 主控台。
當 Configuration Manager 在集合中的裝置上重複偵測到某種惡意程式碼類型時,便會產生警示。
Configuration Manager 在集合中的裝置上重複偵測到相同類型的惡意程式碼。
查看 Configuration Manager 主控台中的 Endpoint Protection 儀表板和報告,取得關於這些裝置和偵測到之惡意程式碼的詳細資訊。
移除惡意程式碼。
Target | Microsoft.SystemCenter2012.ConfigurationManager.AlertRepeatedMalwareDetection | ||
Parent Monitor | System.Health.ConfigurationState | ||
Category | Custom | ||
Enabled | False | ||
Alert Generate | True | ||
Alert Severity | MatchMonitorHealth | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.SystemCenter2012.ConfigurationManager.EPAlertStateMonitor | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default | ||
Comment | SIV:FEP0003 |
<UnitMonitor ID="Microsoft.SystemCenter2012.ConfigurationManager.RepeatedMalwareDetectionMonitor" Comment="SIV:FEP0003" Accessibility="Public" Enabled="false" Target="SCCM!Microsoft.SystemCenter2012.ConfigurationManager.AlertRepeatedMalwareDetection" ParentMonitorID="SystemHealth!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Microsoft.SystemCenter2012.ConfigurationManager.EPAlertStateMonitor" ConfirmDelivery="true">
<Category>Custom</Category>
<AlertSettings AlertMessage="Microsoft.SystemCenter2012.ConfigurationManager.RepeatedMalwareDetectionMonitor_AlertMessageResourceID">
<AlertOnState>Warning</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>MatchMonitorHealth</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="UIGeneratedOpStateId21668ad91a804d8da52e10ca5c87e39f" MonitorTypeStateID="Good" HealthState="Success"/>
<OperationalState ID="UIGeneratedOpStateId10a01dcc0d1847f2b9c256f90448c84d" MonitorTypeStateID="Warning" HealthState="Warning"/>
<OperationalState ID="UIGeneratedOpStateId8209facd786f4439b243d9b765681ac6" MonitorTypeStateID="Error" HealthState="Error"/>
</OperationalStates>
<Configuration>
<TypeId>$Target/Property[Type="SCCM!Microsoft.SystemCenter2012.ConfigurationManager.AlertBaseClass"]/TypeId$</TypeId>
<TypeInstanceId>$Target/Property[Type="SCCM!Microsoft.SystemCenter2012.ConfigurationManager.AlertBaseClass"]/TypeInstanceId$</TypeInstanceId>
<IntervalSeconds>900</IntervalSeconds>
<ProviderLocation>$Target/Host/Property[Type="SCCM!Microsoft.SystemCenter2012.ConfigurationManager.SiteServer"]/ProviderLocation$</ProviderLocation>
<SiteCode>$Target/Host/Property[Type="SCCM!Microsoft.SystemCenter2012.ConfigurationManager.Server"]/SiteCode$</SiteCode>
</Configuration>
</UnitMonitor>