> Services > AV Defender Security Event

AV Defender Security Event

This service applies to both the Managed AV Defender Security Event and the Unmanaged AV Defender Security Event.

The AV Defender Security Event service reports on security events when they are detected on a device that has AV Defender installed .

This service cannot use Self-Healing.

Service Type

Custom API

Instances on a Device

1

Supported Systems/Applications

Any device with AV Defender installed

Device Class

Workstation - Windows, Laptop - Windows, Server - Windows

Monitored By

Windows Agents

Scan Interval

5 minutes

Configure this service by selecting the detection types that AV Defender are reporting on, then choose the actions to take on detected security threats.

Notification Numeric Values

Notifications for the AV Defender Security Event service use numeric values to report different elements of security events with the values mapped as follows by default:

Malware Type Malware Threat Type Malware State Malware Taken Actions

1 = File

2 = HTTP

3 = Cookie

4 = POP3

5 = SMTP

6 = Process

7 = Boot Sector

8 = Registry

9 = Stream

0 = Virus

1 = Spyware

2 = Adware

3 = Spam

4 = Rootkit

5 = Diar

6 = Application

7 = Archive Bomb

1 = Present

2 = Deleted

3 = Blocked

4 = Quarantined

5 = Cleaned

1 = Deny/Ignore

3 = Disinfect

5 = Delete

7 or 9 = Move To Quarantine

10 = Disinfect Only