If the load on the hard drive, CPU, and RAM of Central Node and Sensor servers is high, Kaspersky Anti Targeted Attack Platform may function incorrectly. For example, if the hard drive of a server is full, Kaspersky Anti Targeted Attack Platform can drop alerts, or new events in the event table might not be displayed, and high load on CPU and RAM can render program components inoperable.
You can configure maximum values for the hard drive, CPU, and RAM loads on Central Node and Sensor servers; if these are exceeded, the upper part of the Dashboard section of the program web interface for users with Senior security officer, Security officer, Administrator, or Local administrator roles displays a yellow box with a warning. You can also configure notifications to be sent to one or more email addresses and an SNMP protocol connection for sending information about the hard drive, CPU, and RAM load to external systems that support this protocol.
Users with the Senior security officer or Security officer role can also create rules for sending notifications. In this case, sending notifications correctly requires configuring maximum allowed load values for the hard drive, CPU, and RAM of servers, as well as notification settings on the server.
In existing rules for sending notifications about program components, disk space usage, CPU load, and RAM load notifications are enabled automatically if the All check box is selected under Components when the rule is created.