Monitoring the results of sending objects for scanning by Kaspersky Sandbox and running IOC scanning tasks

You can monitor the results of sending objects to be scanned by Kaspersky Sandbox and running IOC scanning tasks on hosts in the following ways:

To enable logging of event information in Microsoft Windows and/or Kaspersky Endpoint Security event logs and sending event notifications:

  1. In the main window of Web Console, go to the DevicesPolicies & profiles section.
  2. Click the name of the Kaspersky Endpoint Security policy.
  3. Go to the Application settings tab.
  4. Select the General settings section.
  5. Click Interface.
  6. This opens a window; in this window, in the Notifications section, click Notification settings.

    Events are grouped in sections in accordance with severity levels:

    • Critical
    • Functional failure
    • Warning
    • Informational message

    Each section displays a list of event types.

  7. If you want to enable the logging of information in event logs, select the Save in local report or Save in Windows Event Log check boxes.

    You can select both check boxes at the same time.

    Events that have the Save in local report check box selected are displayed in Applications and Services Logs in the Kaspersky Event Log section. Events that have the Save in Windows Event Log check box selected are displayed in Windows logs in the Application section.

    To open the Windows event logs, select StartControl PanelAdministrationEvent Viewer.

    To minimize the amount of records about repeating critical events, Kaspersky Endpoint Security logs every event the first time when it occurs and then every 25th event for the following event types: Error submitting scan task to Kaspersky Sandbox, An internal error occurred, Maximum load on Kaspersky Sandbox exceeded, The Kaspersky Sandbox node is unavailable.

  8. If you want to enable the sending of event notifications:
    • Select the Notify on screen check box if you want the information about selected events to be displayed on the screen as pop-up notifications in the notification area of the Microsoft Windows taskbar.
    • Select the Notify by email check box if you want the notifications to be delivered by email.

      You can select both check boxes at the same time.

      To have the notifications delivered to an email address, you must configure the email notification delivery.

  9. Save your changes.

The logging of event information in Microsoft Windows and/or Kaspersky Endpoint Security event logs and sending event notifications are enabled.

See also

Getting started with Kaspersky Endpoint Security

Configuring the proxy server connection

Configuring the integration of Kaspersky Endpoint Security with Kaspersky Sandbox

Managing stand-alone IOC scanning tasks

Configuring Threat Response actions of Kaspersky Endpoint Security to respond to threats detected by Kaspersky Sandbox

Configuring Quarantine settings

Configuring data synchronization with the Administration Server

Page top