Configuring events of Kaspersky Sandbox
To configure events of Kaspersky Sandbox:
- Open the Kaspersky Security Center Administration Console.
- In the console tree, select the Policies folder.
- Select the necessary policy and double-click it to open its properties.
- Select the Event settings section.
The list of events is displayed, grouped by severity. The event list contains names of events and the default expiration time for events stored on the Administration Server (in days).
- Select the event that you want to configure.
- In the lower right corner of the window, click Properties.
The properties window for the selected event opens.
- You can configure the following event settings:
- Under Event logging, enter the expiration time of stored events in days and select one or more event storage types:
- Export to the SIEM system over the Syslog protocol.
- In the OS event log on the client device.
- In the OS event log on the Administration Server.
- Under Event notifications, select one or more event notification methods:
- Notify by email.
- Notify by SMS.
- Notify by launching an executable file or script.
- Notify by SNMP.