4. Mentioned above the local AIUM (Active IQ Unified manager). I'm not sure if the online Active IQ (used to be known as MyASUP) give much on vSCAN these days (Currently I don't have access to it). Active IQ does get events using AutoSupport. Which you can configure to send out upon events using the ONTAP command "event destination ... " (that will also send you an email - but don't add ones that likely to happen frequently, as generating austsupport takes system resources).
5. I'd actually prefer scanning on reads - as it will be with the more up-to-date signatures DB than when the file been written. Having said that - write is important too as it can help stop file encryption/weaponizing/corruption in some cases.
6. not familiar with this term. you can schedule a vSCAN full scan to cover files that missed in the inline scan (due to timeout) or ones that not been detected with the old signature DB.