Data in fields of Windows Event Log events of Kaspersky Endpoint Agent

Windows Event Log data is stored in the %SystemRoot%\System32\Winevt\Logs\Kaspersky-Security-Soyuz%4Product.evtx file in plain unencrypted form. The data is stored until Kaspersky Endpoint Agent is uninstalled.

The data can be sent to Kaspersky Security Center automatically, but is not sent to Kaspersky Sandbox.

By default, only users with System and Administrator permissions have read-access to the files. Kaspersky Endpoint Agent does not manage access permissions to this folder and the files in this folder. It is the system administrator who determines access permissions.

Event data can contain information related to the following:

• Data on user sessions in the operating system.
• Operating system user accounts (userID).
• Errors occurred during object scan tasks execution.
• Object scanning tasks.
• Kaspersky Sandbox alerts.
• Kaspersky Sandbox events.
• Kaspersky Endpoint Agent IOC files generated as part of automatic Threat Response.
• Object scan results.
• Kaspersky Sandbox server certificates.
• The object scan queue.
• Modified settings of Kaspersky Endpoint Agent.
• Changes of Kaspersky Security Center policies.
• Modified status of an object scan task.
• Kaspersky Security Center policies.
• Quarantined objects.
• Automatic Threat Response actions.
• Errors of interaction with program servers.

All data that is stored locally on the device, except for trace and dump files, is deleted from the device when the application is uninstalled.

See also Data received from the Central Node component Data in Kaspersky Endpoint Agent requests to Kaspersky Anti Targeted Attack Platform Service data of Kaspersky Endpoint Agent Data contained in Kaspersky Endpoint Agent trace files and dumps Data sent to Kaspersky if KSN and KMP Statements are accepted Data in alerts and events Data contained in task completion reports Data contained in an install log Data on files that are blocked from starting Data related to the performance of tasks

Page top