Configuring incident generation
August 3, 2023
ID 175071
The Administration Server database stores information about application events that occur on the managed protected devices.
To configure the notifications that Kaspersky Industrial CyberSecurity for Nodes will use as the basis for generating incidents in Kaspersky Security Center:
- Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
- Select the administration group for which you want to configure application settings.
- Perform one of the following actions in the details pane of the selected administration group:
- To configure application settings for a group of protected devices, select the Policies tab and open the Properties: <Policy name> window.
- To configure the settings of a task or application for an individual protected device, select the Devices tab and go to local task settings or application settings.
- In the Logs and notifications section, click the Incidents button in the Settings subsection.
The Incidents window opens.
- If necessary, in the Incidents window, edit the selection of events in the table below, which Kaspersky Industrial CyberSecurity for Nodes will use to generate incidents:
- Click the OK button.
The incident generation settings are saved.
List of events for incident generation
Event
Default value
PLC project does not match reference project
Selected
Error matching PLC project to reference project
Selected
Error getting PLC project information
Selected
License has expired
Not selected
End User License Agreement violation
Selected
Failed to update
Not selected
Application database is corrupted
Not selected
Application database is extremely out of date
Not selected
Application database is out of date
Not selected
Application modules integrity is corrupted
Selected
Network session listed as untrusted
Selected
Application launch denied
Not selected
Statistics only mode: application launch denied
Selected
Error processing application launch
Not selected
Error processing device connection
Selected
Statistics Only: untrusted external device detected
Not selected
Untrusted external device detected and restricted
Selected
Statistics only: untrusted external device detected
Selected
Infected or other object detected
Not selected
KSN-untrusted object found
Selected
Probably infected object detected
Selected
Object not disinfected
Not selected
Object not backed up
Not selected
Object not quarantined
Not selected