Jump to content

Alerts and RMM Integration


Go to solution Solved by exile360,

Recommended Posts

Hello

I am working for an MSP and new to Malwarebytes (OneView, Nebula, MW Endpoint Protection). There are two questions i didn't find an answer for in the Admin Guides:

1. We would like to get Email Notifications on every detection, not only after scheduled Scans. How do i configure that

2. We use Datto RMM. is there any way to connect to Datto like to ConnectWise?

Best Regards and thanks in advance

Daniel

Link to post
Share on other sites

  • Staff
  • Solution

Greetings,

According to the information in this support article, Nebula provides email notifications for the following event types:

Quote

Detection Notifications

  • Deleted From Quarantine
  • Restored From Quarantine
  • Detections Cleaned
  • Detections Found
  • Suspicious Activity (High Severity Threats Only)

Account Notifications

  • User Deleted
  • User Invited
  • User Verified

Endpoint Agent Notifications

  • Command Failed
  • Command Timeout
  • Endpoint Registered

Unfortunately, it doesn't appear that notifications for real-time protection detection events are provided, however I will submit a request to the Product team to consider adding it in the future.

With regards to Datto, this support article indicates that you can at least integrate deployment using the provided MSI installer.  I could not locate any further information on integrating it, however you may contact Malwarebytes Business Support via the form located on this page and they will be able to give you a definitive answer, assuming no one more knowledgeable than myself responds here in the meantime.

I hope this helps, and if there is anything else we might assist you with please let us know.

Thanks

Link to post
Share on other sites

Thank you for the Quick Reply

It confirms what i found in the Support Documents (which helped me lot!)

For 1. it is all about image.png.0641da2224120cfabc6a2f822e97069c.png for the moment and until your request is heard by the product guys

and for 2. Packaging and also Controlling of Malwarebytes through command line is clear. It is more about catching real time events, which is combined with 1.

 

Best regards

Dani

Link to post
Share on other sites

  • Staff

I'm not familiar enough with Datto and products like it to know personally, however if you can read the logs created by the endpoints, and assuming Datto has some sort of agent running on the endpoints that could do so, you might be able to simply parse the detection info from the .JSON and/or .LOG files created in Malwarebytes' data folder whenever detection events occur.  Such a solution obviously wouldn't be ideal though, especially since it would likely require some sort of constant monitoring and/or heartbeat to query for new detection events/logs/log entries.

Link to post
Share on other sites

Thanks exile360. It's true: constant reading of log files is a possibility, but not very elegant. Like monitoring always is: a compromise between real time information, ressource consumption, schedules, avoiding repeated messages etc.

For now you helped me. 

Best Regards

Link to post
Share on other sites

  • Administrators

@vision311 little late to this one, but figured it was still worth mentioning. We have a OneView and Nebula Public API which you could utilize to set up a web hook to get real-time detection events. Go to the API & Services section under Settings in the Nebula or OneView console. Once you are there, click the View API Documentation link at the top for all the details.

  • Like 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.