https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006114#M925180 <P>Thanks for the reply. I basically want to be alerted if the file access policy detects a bad file and blocks it. The "action" tab is misleading in the rules of the policy itself. What is the difference between block files and block malware? I just want to know about if the policy did find something and it blocked a file whether is malware or blocked it for other reasons, without manually going to the dashboard.</P> Fri, 03 Jan 2020 16:10:48 GMT ryan14 2020-01-03T16:10:48Z https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006084#M925160 <P>How do I configure an email alert message for something logged in the Firepower Management Center?</P> Fri, 21 Feb 2020 17:48:43 GMT https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006084#M925160 ryan14 2020-02-21T17:48:43Z https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006089#M925171 <P>Please clarify, the subject of this question and the body seem to be talking about two different requests.</P> Fri, 03 Jan 2020 15:31:19 GMT https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006089#M925171 InTheJuniverse 2020-01-03T15:31:19Z https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006099#M925177 <P>If you intend to be alerted if a malware is detected in network, then you'd achieve that through correlation</P><P>&nbsp;</P><P><A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Correlation_Policies.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Correlation_Policies.html</A></P> Fri, 03 Jan 2020 15:47:18 GMT https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006099#M925177 InTheJuniverse 2020-01-03T15:47:18Z https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006114#M925180 <P>Thanks for the reply. I basically want to be alerted if the file access policy detects a bad file and blocks it. The "action" tab is misleading in the rules of the policy itself. What is the difference between block files and block malware? I just want to know about if the policy did find something and it blocked a file whether is malware or blocked it for other reasons, without manually going to the dashboard.</P> Fri, 03 Jan 2020 16:10:48 GMT https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006114#M925180 ryan14 2020-01-03T16:10:48Z https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006122#M925183 <P>Thanks for leading me into the right direction. I have created a correlation rule and configured an alert via Policies -&gt; Actions-&gt;Alerts then Advance Malware Protection alerts and it worked. Thank you.</P> Fri, 03 Jan 2020 16:24:38 GMT https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006122#M925183 ryan14 2020-01-03T16:24:38Z https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006123#M925185 Hi, From FMC 6.3 you can send a syslog message for file and malware events. You could then configure your syslog server to send an email alert based on the syslog message it received.<BR /><BR />Blocking a file would block all defined files (e.g *.pdf) regardless of whether the file was malware or not, it does not query the AMP cloud. Whereas block malware would obviously block a file if it was determined to be malicous.<BR /><BR />HTH Fri, 03 Jan 2020 16:25:36 GMT https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006123#M925185 Rob Ingram 2020-01-03T16:25:36Z https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006185#M925187 That makes sense, appreciate the feedback. Fri, 03 Jan 2020 18:27:14 GMT https://community.cisco.com/t5/network-security/trigger-email-alert-for-file-malware-detection/m-p/4006185#M925187 ryan14 2020-01-03T18:27:14Z