File Blocking rule: Notifications tab

Table: File Blocking rule: Notifications tab lists the options on the Notifications tab of File Blocking rule properties.

Table: File Blocking rule: Notifications tab

Setting	Description	Default Value
Notify using Messenger Service	Enables automatic notifications using the Windows Messenger Service.	No notification.
Send email	Enables automatic notifications by email.	No notification.
Run custom command	Enables you to run a command when a rule is broken. For example you could specify a NET SEND command or a batch file to run. The command runs under the local System account.	No notification.
Log the event	Enables logging to the Enterprise Vault event log.	No notification.
"Configure notifications" button	Enables you to configure the notification. See Notification tabs.

Notification tabs

Click Configure notifications on the Notifications tab to define the delivery and content of the message to send when the rule is broken. The tabs that are available depend on the notification methods you selected.

Table: Notification tabs options

Tab name

Description

Message

The text of the message that you want to be sent when the rule is broken. You can enter plain text on this tab.

Click Advanced to do any of the following:

Include variable text such as the path to the file that was blocked, or the name of the user that broke the File Blocking rule.

See Notification variables.
Save the message as a template message for future use.
Load a previously saved template message.

Messenger

Enables you to choose to send a Windows Messenger Service notification message to any combination of the following:

A specific member of the Administrators group.
The user who broke the File Blocking rule.
An SNMP trap. This sends the computer name, the file name, the user name, and the message that is defined on the Message tab.

Logging

Enables you to choose to log File Blocking violations to the following:

Enterprise Vault audit database.
Enterprise Vault event log.

Enables you to specify the mail header information to be used when a mail notification is sent.

Custom Command

This enables you to define commands to be run automatically when a File Blocking rule is broken. Do not specify a command that requires interaction with the desktop. For example, you could specify a batch file to run or a NET SEND command. You can enter multiple commands, one per line.

Note:

Custom commands require the Windows "Task Scheduler" service to be running.

Notification variables

You can insert variable information into a notification message, such as the path to the file that was blocked. The variables are replaced with the details that are current at the time the message is sent. To insert the variables, click Advanced on the Message tab.

Table: Notification variables describes the variables that you can use.

Table: Notification variables

Variable name	Description
[USER]	Current user who caused the action. Includes domain information.
[USER NO DOMAIN]	Current user who caused the action without the domain information.
[DOMAIN]	Domain name.
[FILE SPEC]	File path and name that caused the action.
[FILE NAME]	Name of the file that caused the action.
[POLICY NAME]	Name of the policy that is applied to the managed resource.
[OBJECT NAME]	Name of the resource that caused the action.
[OWNER NO DOMAIN]	Name of the owner of the file that caused the action without domain information.
[OWNER]	Name of the owner of the file that caused the action. Includes domain information.
[SERVER NAME]	Name of the server where an alarm has been activated.
[OBJECT NAME SHARE]	Shared name of the resource. For example, you can enter "H" as in "H:\MyDrive" and the share name is inserted.