Configuring events of Kaspersky Sandbox

To configure events of Kaspersky Sandbox:

1. Open the Kaspersky Security Center Administration Console.
2. In the console tree, select the Policies folder.
3. Select the necessary policy and double-click it to open its properties.
4. Select the Event settings section.

   The list of events is displayed, grouped by severity. The event list contains names of events and the default expiration time for events stored on the Administration Server (in days).

5. Select the event that you want to configure.
6. In the lower right corner of the window, click Properties.

   The properties window for the selected event opens.

7. You can configure the following event settings:
   1. Under Event logging, enter the expiration time of stored events in days and select one or more event storage types:
      • Export to the SIEM system over the Syslog protocol.
      • In the OS event log on the client device.
      • In the OS event log on the Administration Server.
   2. Under Event notifications, select one or more event notification methods:
      • Notify by email.
      • Notify by SMS.
      • Notify by launching an executable file or script.
      • Notify by SNMP.

See also Installing the Kaspersky Sandbox management plug-in Configuring Kaspersky Sandbox device status display in KSC Getting started with Kaspersky Sandbox in the KSC Administration Console Viewing information about Kaspersky Sandbox and the database update status Going to the Kaspersky Sandbox web interface Viewing Kaspersky Sandbox license information Displaying information about the Kaspersky Sandbox management plug-in. Viewing the threat report Viewing object scanning statistics Adding a Kaspersky Sandbox license key using the KSC Replacing a Kaspersky Sandbox license key using the KSC

Page top