Viewing System Integrity Monitoring reports

To analyze the performance of System Integrity Monitoring rules, you can look at reports and events generated by the application. Kaspersky Endpoint Security generates the following reports regarding the component:

• In the application interface:
  • The System Integrity Monitoring report
  • The System Integrity Check report
  • The Baseline update report

  The reports contain System Integrity Monitoring events.

• In the Kaspersky Security Center Console
  • Report on computers on which monitoring rules were triggered the greatest number of times
  • Report on most frequently triggered monitoring rules

  By default, a report is created for the previous 30 days, including the date when the report is created.

  How to view System Integrity Monitoring reports in the Administration Console (MMC)

  1. Open the Kaspersky Security Center Administration Console.
  2. In the Administration Server node of the Administration Console tree, select the Reports tab.
  3. Click the New report template button.

     The New Report Template Wizard starts.

  4. Follow the instructions of the Report Template Wizard. At the Selecting the report template type step, select the a System Integrity Monitoring report (the Other section):
     • Top 10 devices with File Integrity Monitor / System Integrity Monitoring rules most frequently triggered.
     • Top 10 rules of File Integrity Monitor / System Integrity Monitoring that were triggered on devices most frequently.

     After you have finished with the New Report Template Wizard, the new report template appears in the table on the Reports tab.

  5. Open the report by double-clicking it.

  The report generation process starts. The report is displayed in a new window.

  How to view System Integrity Monitoring reports in the Web Console

  1. In the main window of the Web Console, select Monitoring & reporting → Reports.
  2. Click Add.

     The New Report Template Wizard starts.

  3. Under Template type, in the Other section, select a System Integrity Monitoring report:
     • Top 10 devices with File Integrity Monitor / System Integrity Monitoring rules most frequently triggered.
     • Top 10 rules of File Integrity Monitor / System Integrity Monitoring that were triggered on devices most frequently.

     After you have finished with the New Report Template Wizard, the new report template appears in the table.

  4. Select and run the report.

  The report generation process starts. The report is displayed in a new window.

  To view events generated by the application, you can also use event selections in the Kaspersky Security Center console.

Page top