Configuring the policy in the Event configuration section

To avoid the Administration Server database overflow, we recommend that you save only important events to the database.

To configure registration of important events in the Administration Server database:

  1. In the main menu, go to DEVICES → POLICIES & PROFILES.
  2. Click the policy for Kaspersky Endpoint Security for Windows.

    The properties window of the selected policy opens.

  3. In the policy properties, open the Event configuration tab.
  4. In the Critical section, click Add events and select check boxes next to the following events only:
    • License Agreement violated
    • Application autorun is disabled
    • Activation error
    • Active threat detected. Start Advanced Disinfection
    • Disinfection not possible
    • Previously opened dangerous link detected
    • Process terminated
    • Network activity blocked
    • Network attack detected
    • Application startup prohibited
    • Access denied (local bases)
    • Access denied (KSN)
    • Local update error
    • Cannot start two tasks at the same time
    • Error in interaction with Kaspersky Security Center
    • Not all components were updated
    • Error applying file encryption / decryption rules
    • Error enabling portable mode
    • Error disabling portable mode
    • Could not load encryption module
    • Policy cannot be applied
    • Error changing application components
  5. Click OK.
  6. In the Functional failure section, click Add events and select check boxes next to the following events only:
    • Invalid task settings. Settings not applied
  7. Click OK.
  8. In the Warning section, click Add events and select check boxes next to the following events only:
    • Self-Defense is disabled
    • Protection components are disabled
    • Incorrect reserve key
    • Legitimate software that can be used to harm your computer or personal data was detected (local bases)
    • Legitimate software that can be used to harm your computer or personal data was detected (KSN)
    • Object deleted
    • Object disinfected
    • User has opted out of the encryption policy
    • File restored from KATA Quarantine
    • File moved to KATA Quarantine
    • Application startup blockage message to administrator
    • Device access blockage message to administrator
    • Web page access blockage message to administrator
  9. Click OK.
  10. In the Info section, click Add events and select check boxes next to the following events only:
    • A backup copy of the object was created
    • Application startup prohibited in test mode
  11. Click OK.

Registration of important events in the Administration Server database is configured.

See also:

Scenario: Configuring network protection

Page top