Hello, since I upgrade SEPM from 12.1RU1 to 12.1RU1MP1, when client detect a nex risk I receive a mail to notifie me that a new risk has been detected and every 10 minutes I receive another mail. This is how is configure 'Notification' :

Mails :

What's wrong with this notification policy ?

Thanks.

can you delete the policy and create a new one with same settings and let know if it fixes?

Hello,

If the number of Single Risk Event notifications is small, removing/re-creating the notifications will resolve the issue.  This works because newly created notification conditions will include the time zone name value.

Hope that helps!!

Hi Dcourtel,

It's happening because damper protection setting is set to 'Auto'.

Set the specific time setting and monitor the difference.

I hope it will resolve your issue.

Hello pete, I delete and recreate the policy, and that doesn't fixe.

Did you tryed by changing the damper settings?

Trying with 20 minutes. I wait for the next virus :-)

You can use this for testing

http://www.eicar.org/86-0-Intended-use.html

:)

Hi Folks,

same issue here. One Event creates 6 Notification being sent exactly every 10 minutes.

I have a NEW SEP 12.1 RU1 MP1 Installation.

Regards,

Holger

Hello HolgerMu, edit the notification policy and set the "Damper" setting to 5 hours. It's very funny.

Setting the Damper Setting to 20 Minutes sends 2 Messages per Risk event within 10 minutes

I assume 30 minutes sends 3 messages for 30 minutes and so on....

5 Hours only sends 1 Message....funny funny stuff

any news about this Problem

We had this problem and this is what Symantec Enterprise Support had us do:

"There may be a workaround. Try editing the conf.properties file located at Program Files (x86) \ Symantec \ Symantec Endpoint Protection Manager \ tomcat \ etc\

Edit the line scm.securityalertnotifytask.notification.interval=1

Change the 1 to 59."

Our value was 10.. but after changing it to 59 as suggested the problem went away.

Supplemental Materials

 Additional improvements are expected in the next release of SEP12.1

Having this stupid problem after upgrading SEPM to the latest version. Email every 10 minutes for the Virus definitions out-of-date alert. Deleting and re-creating the alert doesn't help.

I'm running RU1, MP1. The article linked above states this is fixed in RU1?

I had no problem with this on RU1. Stupid Symantec, fix one thing, break 10 other things as usual.

Please try the following.

Delete the notification, wait for a day and then re-create the same notification.

why? 1 day is the magical number? why not two or three days?

I'm trying the suggestion Muad'Dib has above. Hopefully it works, but who knows what else it's going to break?

When i spoke to Symantec Enterprise support about this they said yes they did fix it in RU1, but it appears that it became broken again in RU1MP1... lol

It works.. and the suggestion came directly from Enterprise Support. We havent experienced any fallout from the setting change. They did mention however when the next release is sent out that you should roll back this setting before updating.