Informational message
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Self-Defense restricted access to the protected resource
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Subscription settings have changed
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
The application works and processes data under relevant laws and uses the appropriate infrastructure
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Object restored from Quarantine
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Object deleted from Quarantine
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
A backup copy of the object was created
Status |
|
Component |
File Threat Protection Mail Threat Protection Behavior Detection Host Intrusion Prevention Sandbox Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Overwritten by a copy that was disinfected earlier
Status |
|
Component |
File Threat Protection Host Intrusion Prevention Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Password-protected archive detected
Status |
|
Component |
File Threat Protection Web Threat Protection Mail Threat Protection AMSI Protection Host Intrusion Prevention Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Information about detected object
Status |
|
Component |
File Threat Protection Web Threat Protection Mail Threat Protection AMSI Protection Host Intrusion Prevention Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
The object is in the Kaspersky Private Security Network allowlist
Status |
|
Component |
File Threat Protection Web Threat Protection Mail Threat Protection AMSI Protection Host Intrusion Prevention Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Mail Threat Protection Exploit Prevention Behavior Detection Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Host Intrusion Prevention File Threat Protection Web Threat Protection Mail Threat Protection Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Host Intrusion Prevention File Threat Protection AMSI Protection Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Host Intrusion Prevention File Threat Protection Web Threat Protection Mail Threat Protection AMSI Protection Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Host Intrusion Prevention File Threat Protection Web Threat Protection Mail Threat Protection AMSI Protection Malware Scan |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Web Threat Protection |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Application Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
The link is in the Kaspersky Private Security Network allowlist
Status |
|
Component |
Web Threat Protection |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Application placed in the trusted group
Status |
|
Component |
Host Intrusion Prevention |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Application placed in restricted group
Status |
|
Component |
Host Intrusion Prevention |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Host Intrusion Prevention was triggered
Status |
|
Component |
Host Intrusion Prevention |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Behavior Detection Exploit Prevention Host Intrusion Prevention |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Behavior Detection Exploit Prevention |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Behavior Detection Exploit Prevention |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Adaptive Anomaly Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
BadUSB Attack Prevention |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Firewall |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Application startup prohibited in test mode
Status |
|
Component |
Application Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Application startup allowed in test mode
Status |
|
Component |
Application Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
A page that is allowed was opened
Status |
|
Component |
Web Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Operation with the device allowed
Status |
|
Component |
Device Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Device Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Update distribution completed successfully
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
File rolled back due to update error
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Creating the list of files to download
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Update |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Started applying file encryption / decryption rules
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Finished applying file encryption / decryption rules
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Resumed applying file encryption / decryption rules
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
File encryption / decryption started
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
File encryption / decryption completed
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
File has not been encrypted because it is an exclusion
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Device encryption / decryption started
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Device encryption / decryption completed
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Device encryption / decryption resumed
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Device encryption / decryption process has been switched to active mode
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Device encryption / decryption process has been switched to passive mode
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
New Authentication Agent account created
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Authentication Agent account deleted
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Authentication Agent account password changed
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Successful Authentication Agent login
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Failed Authentication Agent login attempt
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Hard drive accessed using the procedure of requesting access to encrypted devices
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Account was not added. This account already exists
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Account was not modified. This account does not exist
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Account was not deleted. This account does not exist
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
FDE upgrade rollback successful
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Failed to uninstall Kaspersky Disk Encryption drivers from the WinRE image
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
BitLocker recovery key was changed
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
BitLocker password / PIN was changed
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
BitLocker recovery key was saved to a removable drive
Status |
|
Component |
Data Encryption |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Processing of tasks from the Kaspersky Anti Targeted Attack Platform server is inactive
Status |
|
Component |
Endpoint Sensor |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Endpoint Sensor connected to server
Status |
|
Component |
Endpoint Sensor |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Connection to the Kaspersky Anti Targeted Attack Platform server restored
Status |
|
Component |
Endpoint Sensor |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Tasks from the Kaspersky Anti Targeted Attack Platform server are being processed
Status |
|
Component |
Endpoint Sensor |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Wipe Data |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Endpoint Detection and Response (KATA) |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Wipe Data |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Endpoint Detection and Response |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Endpoint Detection and Response |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Object quarantined (Endpoint Detection and Response)
Status |
|
Component |
Endpoint Detection and Response |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Object deleted (Endpoint Detection and Response)
Status |
|
Component |
Endpoint Detection and Response |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Application components successfully changed
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
– |
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
– |
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
– |
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
– |
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
– |
The Administration Server that your device is connected to is set as trusted
Status |
|
Component |
Administration Server connection protection |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Your device is connected to a new trusted Administration Server
Status |
|
Component |
Administration Server connection protection |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
The Administration Server that your device is connected to is no longer set as trusted
Status |
|
Component |
Administration Server connection protection |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Asynchronous Sandbox detection
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
The scan task has been successfully sent to Sandbox by a user
Status |
|
Component |
Sandbox |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Device Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Device Control |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Event parameters |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Error removing the previous version of the application
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Successful connection to the Kaspersky Anti Targeted Attack Platform server
Status |
|
Component |
Endpoint Detection and Response (KATA) |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Starting the cloud service client application is allowed
Status |
|
Component |
Cloud Discovery |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Access to the cloud service is allowed
Status |
|
Component |
System Audit |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
|
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
Cloud Discovery |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
File or folder change was detected
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
To configure the retention period for this event, go to the Event configuration section of the policy and set the retention period for the general System Integrity Monitoring event – File or folder change was detected. |
|
/ 
Object changes too often. Event aggregation started
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Report on object modification for the aggregation period
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
To configure the retention period for this event, go to the Event configuration section of the policy and set the retention period for the general System Integrity Monitoring event – File or folder change was detected. |
|
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
To configure the retention period for this event, go to the Event configuration section of the policy and set the retention period for the general System Integrity Monitoring event – File or folder change was detected. |
|
Device connection / disconnection is detected
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
To configure the retention period for this event, go to the Event configuration section of the policy and set the retention period for the general System Integrity Monitoring event – File or folder change was detected. |
|
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
An operation is performed by the trusted user
Status |
|
Component |
System Integrity Monitoring |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
To configure the retention period for this event, go to the Event configuration section of the policy and set the retention period for the general System Integrity Monitoring event – File or folder change was detected. |
|
Status |
|
Component |
Light Agent |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Connected to the Integration Server
Status |
|
Component |
Light Agent |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|
Connection to the Integration Server has been restored
Status |
|
Component |
Light Agent |
Windows event ID |
|
Kaspersky Security Center event ID |
|
Windows event log (default) |
– |
Kaspersky Security Center event log (default) |
|