Configuring incident generation

The Administration Server database stores information about application events that occur on the managed protected devices.

To configure the notifications that Kaspersky Industrial CyberSecurity for Nodes will use as the basis for generating incidents in Kaspersky Security Center:

1. Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
2. Select the administration group for which you want to configure application settings.
3. Perform one of the following actions in the details pane of the selected administration group:
   • To configure application settings for a group of protected devices, select the Policies tab and open the Properties: <Policy name> window.
   • To configure the settings of a task or application for an individual protected device, select the Devices tab and go to local task settings or application settings.
4. In the Logs and notifications section, click the Incidents button in the Settings subsection.

   The Incidents window opens.

5. If necessary, in the Incidents window, edit the selection of events in the table below, which Kaspersky Industrial CyberSecurity for Nodes will use to generate incidents:
6. Click the OK button.

   The incident generation settings are saved.

   List of events for incident generation

   Event	Default value
   PLC project does not match reference project	Selected
   Error matching PLC project to reference project	Selected
   Error getting PLC project information	Selected
   License has expired	Not selected
   End User License Agreement violation	Selected
   Failed to update	Not selected
   Application database is corrupted	Not selected
   Application database is extremely out of date	Not selected
   Application database is out of date	Not selected
   Application modules integrity is corrupted	Selected
   Network session listed as untrusted	Selected
   Application launch denied	Not selected
   Statistics only mode: application launch denied	Selected
   Error processing application launch	Not selected
   Error processing device connection	Selected
   Statistics Only: untrusted external device detected	Not selected
   Untrusted external device detected and restricted	Selected
   Statistics only: untrusted external device detected	Selected
   Infected or other object detected	Not selected
   KSN-untrusted object found	Selected
   Probably infected object detected	Selected
   Object not disinfected	Not selected
   Object not backed up	Not selected
   Object not quarantined	Not selected

Page top