The way I solved this was to create a SureBackup job to scan all backups with the Veeam Threat Hunter and then a scheduled task to run a PowerShell script looking for the text "Threat found". The script is scheduled to run after the completion of the SureBackup process, though I currently do that through Task Schedular and use an estimate for when it should be complete.
Code:
### Define Variables ###$emailFrom = "$env:COMPUTERNAME <<Sender Address>>"$emailTo = "<Destination Address>"$emailSubject = "Veeam Threat Hunter Results - $(get-date -format 'yyyy-MM-dd')"$emailBody = "Veeam Threat Hunter Results:<br><br>"$emailServer = "<SMTP Server Name>"$emailPort = "25"### Collect matching lines from log files ###$results = Get-ChildItem -Recurse -Path C:\ProgramData\Veeam\Backup\FLRSessions -Filter "Veeam_Threat_Hunter-*.log" | Where-Object {$_.LastWriteTime -gt (Get-Date).AddDays(-7)} | Get-Content | Select-String -AllMatches "Threat found" | select @{N=’Detections’; E={$_.Line}}### Create email body ###$emailBody += ($results | ConvertTo-Html -Property Detections -Fragment)### Send email message ###try { Send-MailMessage -From $emailFrom -To $emailTo -Subject $emailSubject -Body $emailBody -BodyAsHtml -SmtpServer $emailServer -Port $emailPort -UseSsl} catch { exit 1}### End of script ###exit 0Statistics: Posted by RexfordHaugen_COLT — Aug 04, 2025 8:08 pm
