Resolution
fact
VigilEnt Security Agent for Windows 3.X
fact
VigilEnt Security Agent for Windows 4.0
fact
VigilEnt Security Manager 3.X
fact
VigilEnt Security Manager 4.X
symptom
Windows/NT Detect alerts are not being received in VigilEnt Security Manager or e-mail.
fix
Try the following steps to resolve the issue:
VigilEnt Security Agent for Windows 3.X
fact
VigilEnt Security Agent for Windows 4.0
fact
VigilEnt Security Manager 3.X
fact
VigilEnt Security Manager 4.X
symptom
Windows/NT Detect alerts are not being received in VigilEnt Security Manager or e-mail.
fix
Try the following steps to resolve the issue:
- Make sure the rule is enabled in the VigilEnt Security Agent for Windows Detect interface. If the rule displays in italic it is disabled. To enable, right-click the rule and select Enable/Disable.
- In the VigilEnt Security Agent for Windows Detect interface, go to Config File | SMTP Relay Host | Set SMTP Relay Host.
- Enter the fully qualified mail server name.
- Save the detect.xml file.
- Check that the correct Windows auditing is enabled at Administrative Tools | Local Security Policy | Local Policies.
- To verify that Windows auditing is enabled, check the event logs. Log entries will appear in the appropriate log for events that are being audited. Detect alerts are triggered from the event logs so the alert must be present in the event log before Detect can send an alert.
If Detect alerts are being received in VigilEnt Security Manager and the event log, but not via e-mail, it could be that the SMTP Service is disabled on the mail server or relaying may be turned off for the address range of your servers. Please contact your local IT/Helpdesk for assistance.
Additional Information
Formerly known as NETIQKB31684