[KB6387] Configure ESET endpoint products to send automated threat notifications (6.x)


Configure ESET endpoint client workstations to send event messages or threat warning messages to a designated email address


ESET business product no longer supported

This content applies to an ESET product version that is currently in End of Life status and is no longer supported. This content is no longer updated. 

For a complete list of supported products and support level definitions, review the ESET End of Life policy for business products.

Upgrade ESET business products.

 ESET Remote Administrator (ERA) users: Perform these steps in ERA

  1. Open the main program window of your Windows ESET product.

  2. Press the F5 key to access Advanced Setup. 
  3. Click Tools → Email notifications.
  4. Click the slider bar next to Send event notification by email to enable it.
  5. Type the following information in the appropriate fields: 
  • SMTP Server - the IP address of your mail server. If the server is outside of your local network, the threat notification messages may be filtered as spam.
  • Username and Password - if your SMTP server requires you to log in using credentials.
  • Sender address - the address that sends the notification emails.
  • Recipient addresses - the address the notification emails will be sent to. Use a semicolon to separate multiple addresses.

Figure 1-1

  1. In the Message format section, select the text and variables to include in the notification emails that are displayed on remote computers. In the editable text field, customize the predefined format of event messages and the format of threat warning messages. The system variables below are supported.
  • Select Local from the Charset drop-down menu to enable converting an email to the ANSI character encoding based upon Windows Regional settings.
  • Click the slider bar next to Use Quoted-printable encoding to enable the Quoted-printable format which uses ASCII characters and can correctly transmit special national characters by notification email in 8-bit format.

Pre-defined system variables include: 

  • %ComputerName% - Name of the computer where the alert occurred.
  • %ProgramName% - Program that generated the alert.
  • %TimeStamp% - Date and time of the event.
  • %UserName% - Name of the logged user where the alert occurred.
  • %InfectedObject% - Name of infected file, message, etc.
  • %VirusName% - Identification of the infection.
  • %ErrorDescription% - Description of a non-virus event.
  • %Scanner% - Module concerned.
  • %Action% - Action taken over infiltration.

Figure 1-2

  1. Click OK. The client workstation will now send threat notifications automatically.