To manage event filtering using the command line interface:
cd
command, navigate to the folder where the Agent.exe file is located.For example, you can type the following command cd "C:\Program Files (x86)\Kaspersky Lab\Endpoint Agent\"
and press ENTER.
agent.exe --event =<createprocess|loadimage|registry|network|eventlog|filechange|accountloggon|codeinjection|wmiactivity> --action=<enable|disable|show>