You can manually configure the event search settings or use automatically applied filtering criteria when navigating directly from theUp-to-date events of KICS for Networks web widget.
To manually configure these settings, you need to open the Events tab in the search request details area.
To open the Events tab in the search request details area:
Go to the KICS for Networks → Search section of the Web Console.
Do one of the following:
If a search request was not created during the current session and this section is not displaying a search results table, click the Find events or devices button.
If a search request was created in the current session and this section is displaying a search results table, click the Search button in the toolbar.
The Search button displays the number of filtering criteria (defined settings) of the current search request.
In the search request details area, go to the Events tab.
After configuring the settings, you can start searching for events in the databases of Servers by using the Find button.
You can configure the following settings in an event search request:
Title – title defined for the event type in Kaspersky Industrial CyberSecurity for Networks. The complete title must be specified.
Servers – names used to represent the Servers in Kaspersky Security Center (device names in administration groups).
Last seen – period for filtering events by date and time of last appearance.
Source – address information (MAC/IP addresses or port numbers) of the senders of network packets.
Destination – address information (MAC/IP addresses or port numbers) of the recipients of network packets.
Technologies – icons and names of technologies that were used to register the events.
Severity – icons and names of the severity levels of events.
You can clear the defined settings in a search request by clicking the Reset filters button.