Support

Support for business applications

Kaspersky XDR Expert

Appendices

KUMA audit events

Kaspersky Automated Security Awareness Platform response

Kaspersky Next XDR Expert
Online Help
FAQ Forum Contact support Recovery tools

Kaspersky Automated Security Awareness Platform response

May 15, 2024

ID 270415

Get as PDF

Event field name

Field value

DeviceAction

KASAP response

DeviceFacility

manual response

EventOutcome

succeeded or failed

Message

Description of the error, if an error occurred, otherwise the field is empty.

SourceTranslatedAddress

This field contains the value of the HTTP header x-real-ip or x-forwarded-for. If these headers are absent, the field will be empty.

SourceAddress

The address from which the user logged in. If the user logged in using a proxy, there will be a proxy address.

SourcePort

Port from which the user logged in. If the user logged in using a proxy, there will be a port on the proxy side.

SourceUserName

Login of the user who sent the request.

SourceUserID

ID of the user who sent the request.

DeviceCustomString1

The manager of the user to whom the course is assigned.

DeviceCustomString1Label

manager

DeviceCustomString3

Information about the group where the user belonged. Not available for failed.

DeviceCustomString3Label

manager

DeviceCustomString4

Information about the group where the user was added.

DeviceCustomString4Label

new kasap group

DeviceCustomString5

Tenant ID.

DeviceCustomString5Label

tenant ID

DeviceCustomString6

Tenant name.

DeviceCustomString6Label

tenant name

DestinationUserID

ID of the Active Directory user account which causes the response.

DestinationUserName

Account name (sAMAccountName).

DestinationNtDomain

Domain of the Active Directory user account which causes the response.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.