Uploading an IOC file
IOC files having UserItem properties for domain users are not supported.
To upload an IOC file:
- In the window of the program web interface, select the User rules section, IOC subsection.
This opens the table of IOC files.
- Click Upload.
This opens the file selection window on your local computer.
- Select the file that you want to upload and click Open.
- Specify the following parameters:
- Autoscan—The IOC file is used when automatically scanning Kaspersky Endpoint Agent hosts:
- Name—Name of the IOC file.
- Importance—Importance level that will be assigned to an alert generated using this IOC file:
- Apply to—Name of the organization and names of the servers which you want to scan using this IOC file (in the distributed solution and multitenancy mode).
- Click Save.
The IOC file will be uploaded in XML format.