
How to alert on a virus found

Hi all,

I have been asked to create an alert for when our AV, Sophos, finds a virus. I am not really sure how to go about this. Can anyone give me some ideas as to how I can get this done?

Let me expand on this: can I have SolarWinds monitor a table in a SQL database and fire an alert if some data gets inserted into the table?

Thanks,

-Pat

  • SAM's SQL User Experience Monitor can be used to query the number of records in a table, then combined with the "Count Statistic as Difference" option to achieve what you describe above.

    SELECT COUNT(*) FROM table_name;


  • Hi, thanks for the answer, but maybe I am not expressing myself well as to what I am trying to do, as this is my first attempt at an alert like this.

    Also, how do I use the SQL User Experience Monitor?

    I have a SQL query whose output I want to have sent in an email when the condition is met. The query is as follows:

    -- Threat detections recorded in the last 5 minutes, with the affected computer
    SELECT
      vTI.ThreatTypeName,
      vTI.ThreatSubTypeName,
      vTI.ThreatName,
      vTE.EventTime,
      vTI.FirstDetectedAt,
      vTI.FullFilePath,
      vC.Name AS ComputerName
    FROM [SOPHOS521].[Sophos Reporting Interface].[vThreatEventData] AS vTE
    JOIN [SOPHOS521].[Sophos Reporting Interface].[vThreatInstances] AS vTI
    ON vTE.ThreatID = vTI.ThreatID
    JOIN [SOPHOS521].[dbo].[ComputerHosts] AS vC
    ON vTI.ComputerID = vC.ID
    -- T-SQL datepart is MINUTE (MINUTES is not a valid datepart)
    WHERE convert(datetime,vTE.EventTime) > DATEADD(MINUTE,-5,GETDATE())
    ORDER BY vTE.EventTime

    Thanks,

    -Pat
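One way to combine the two posts above, as an added example that is not code from either poster or from SolarWinds or Sophos: the detection query is reduced to a single row that a polling SQL monitor can threshold on (alert when the statistic is greater than 0). It assumes the monitor reads the first column as the numeric statistic and the second as a message string, that it polls at least every 5 minutes, and that `EventTime` is in the same time zone as `GETDATE()`; the column aliases and message wording are made up for illustration.

```sql
-- Added example (T-SQL). Returns exactly one row, even when nothing was detected:
--   column 1 = number of threat events in the last 5 minutes (the statistic)
--   column 2 = details of the most recent detection (assumed to be shown as the message)
WITH recent AS (
    SELECT
        vTI.ThreatName,
        vTI.FullFilePath,
        vC.Name AS ComputerName,
        CONVERT(datetime, vTE.EventTime) AS EventTime
    FROM [SOPHOS521].[Sophos Reporting Interface].[vThreatEventData] AS vTE
    JOIN [SOPHOS521].[Sophos Reporting Interface].[vThreatInstances] AS vTI
        ON vTE.ThreatID = vTI.ThreatID
    JOIN [SOPHOS521].[dbo].[ComputerHosts] AS vC
        ON vTI.ComputerID = vC.ID
    -- If EventTime turns out to be stored in UTC, compare against GETUTCDATE() instead.
    WHERE CONVERT(datetime, vTE.EventTime) > DATEADD(MINUTE, -5, GETDATE())
)
SELECT
    COUNT(*) AS ThreatEventCount,
    COALESCE(
        (SELECT TOP (1)
                -- ISNULL on each part so one NULL column does not blank the whole message
                ISNULL(CONVERT(nvarchar(256), r.ThreatName), N'unknown threat')
                + N' on ' + ISNULL(CONVERT(nvarchar(256), r.ComputerName), N'unknown host')
                + N' at ' + CONVERT(nvarchar(19), r.EventTime, 120)
                + N' (' + ISNULL(CONVERT(nvarchar(1024), r.FullFilePath), N'no path') + N')'
         FROM recent AS r
         ORDER BY r.EventTime DESC),
        N'No detections in the last 5 minutes'
    ) AS LatestDetection
FROM recent;
```

Because the 5-minute window already limits the count to new events, this variant thresholds on the raw value and does not need the "Count Statistic as Difference" option; a polling interval longer than the window would let detections go unseen.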