This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.
To manage event filtering using the Kaspersky Endpoint Agent command line interface:
cd
command, navigate to the folder where the Agent.exe file is located.For example, enter the command cd "C:\Program Files (x86)\Kaspersky Lab\Endpoint Agent\"
and press ENTER.
agent.exe --event =<createprocess|loadimage|registry|network|eventlog|filechange|accountloggon|codeinjection|wmiactivity> --action=<enable|disable|show>