Adding event-related executable files to the application category
To add executable files related to Application Control events to the application category:
- Open the Kaspersky Security Center Administration Console.
- In the Administration Server node of the Administration Console tree, select the Events tab.
- Choose a selection of events related to operation of the Application Control component (Viewing events resulting from operation of the Application Control component, Viewing events resulting from test operation of the Application Control component) in the Selection events drop-down list.
- Click the Run selection button.
- Select the events whose associated executable files you want to add to the application category.
- Right-click to open the context menu for the selected events and select Add to category.
The Select application category window opens.
- In the Select application category window:
- In the upper part of the window, choose one of the following options:
- Create category of applications. Choose this option if you want to create a new application category and add executable files to it.
- Add rules to specified category. Choose this option if you want to select an existing application category and add executable files to it.
- In the Rule type section, choose one of the following options:
- Add to inclusion rules. Select this option if you want to create a condition that adds executable files to the application category.
- Add to exclusion rules. Select this option if you want to create a condition that excludes executable files from the application category.
- In the File info type section, choose one of the following options:
- Certificate data (or SHA-256 for files without a certificate).
- Certificate data (files without a certificate will be skipped).
- Only SHA-256 (files without SHA-256 will be skipped).
- MD5 (discontinued mode, only for Kaspersky Endpoint Security 10 Service Pack 1).
- Click ОК.
Page top