On November 16th A (new date is TBD for beginning of 2016) we are changing nomenclature for warned and denied rules metrics.
Warned will be renamed to Detected.
Denied will be renamed to Mitigated.
This change affects all areas of Security Monitor including Notifications.
If you are using email filters to monitor or filter based on these metrics (warned/denied) you should update your rules to accommodate this nomenclature change.
Here is a comparison of a sample email body content before and after the change:
After the change on November 16
|Denied||Metrics: (Denied(14.00)>=Threshold(10))||Metrics: (Mitigated(14.00)>=Threshold(10))|
Here is a sample notification email body with "Mitigated" instead of "Denied".