Configuring events of Kaspersky Sandbox

To configure events of Kaspersky Sandbox:

  1. Open the Kaspersky Security Center Administration Console.
  2. In the console tree, select the Policies folder.
  3. Select the necessary policy and double-click it to open its properties.
  4. Select the Event settings section.

    The list of events is displayed, grouped by severity. The event list contains names of events and the default expiration time for events stored on the Administration Server (in days).

  5. Select the event that you want to configure.
  6. In the lower right corner of the window, click Properties.

    The properties window for the selected event opens.

  7. You can configure the following event settings:
    1. Under Event logging, enter the expiration time of stored events in days and select one or more event storage types:
      • Export to the SIEM system over the Syslog protocol.
      • In the OS event log on the client device.
      • In the OS event log on the Administration Server.
    2. Under Event notifications, select one or more event notification methods:
      • Notify by email.
      • Notify by SMS.
      • Notify by launching an executable file or script.
      • Notify by SNMP.

See also

Installing the Kaspersky Sandbox management plug-in

Configuring Kaspersky Sandbox device status display in KSC

Getting started with Kaspersky Sandbox in the KSC Administration Console

Viewing information about Kaspersky Sandbox and the database update status

Going to the Kaspersky Sandbox web interface

Viewing Kaspersky Sandbox license information

Displaying information about the Kaspersky Sandbox management plug-in.

Viewing the threat report

Viewing object scanning statistics

Adding a Kaspersky Sandbox license key using the KSC

Replacing a Kaspersky Sandbox license key using the KSC

Page top