Yesterday, while my wife was browsing the net, I suddenly received 8 emails from my Untangle box. The text was:
***************************************************************************************
Untangle Server Alert! (name of the box)
The following event occurred on the Untangle Server @ 2017-01-11 19:59:26.648
Malware Distribution Point website visit detected:
Web Filter logged http://www.mirrorlessrumors.com/wp-c...1/RED-Sony.jpg (Malware Distribution Point)
Causal Event: WebFilterEvent
{
"nodeName": "web_filter",
"timeStamp": "2017-01-11 19:59:26.648",
"reason": "PASS_CLIENT",
"flagged": false,
"blocked": false,
"requestLine": "GET http://www.mirrorlessrumors.com/wp-content/uploads/2017/01/RED-Sony.jpg",
**************************************************************************************
It took me a while to find out which computer was causing that... I had to log in, check Webfilter logs and see which user (not IP) caused this.
I wonder if it is possible to add username and IP address to the email. So next time, when this happens and I'm not at home, I know right from the start where to look.
Additionally, I wonder why the traffic was passed instead of blocked.