I often try to create better filters to capture significant Heartbeats, and Maintenance Reports from dSS, but it can be a bit difficult at times.
Currently I am filtering for the subject "Heartbeat", and the words "disk, ntfs, and disabled". I flag these entries immediately for further attention, and check all other reports on a regular basis. It still takes a significant amount of time however. Unfortunately I am seeing many reports pass right on through with disabled entries. So I am looking for a better way to capture and filter dSS email reports. I use gmail to capture email reports.
So I was wondering if the Heartbeat reports could contain an "Alert" heading when the following errors are detected: disk, ntfs, vss, kernel. In addition to flagging the same alert heading when the firewall, anti-virus product, and anti-malware products are "Disabled".
This would make it relatively easy to determine what's critically important, and what's not. The end result being a message like this "Heartbeat - Alert - ClientIDHere"