Monitoring traffic lights and logged events in Administration Console

Administration Console allows you to quickly assess the current status of Kaspersky Security Center and managed devices by checking traffic lights. The traffic lights are shown in the workspace of the Administration Server node, on the Monitoring tab. The tab provides six information panels with traffic lights and logged events. A traffic light is a colored vertical bar on the left side of a panel. Each panel with a traffic light corresponds to a specific functional scope of Kaspersky Security Center (see the table below).

Scopes covered by traffic lights in Administration Console

Panel name

Traffic light scope

Deployment

Installing Network Agent and security applications on devices on an organization's network

Management scheme

Structure of administration groups. Network scanning. Device moving rules

Protection settings

Security application functionality: protection status, virus scanning

Update

Updates and patches

Monitoring

Protection status

Administration Server

Administration Server features and properties

Each traffic light can be any of these four colors (see the table below). The color of a traffic light depends on the current status of Kaspersky Security Center and on events that were logged.

Color codes of traffic lights

Status

Traffic light color

Traffic light color meaning

Informational

Green

Administrator's intervention is not required.

Warning

Yellow

Administrator's intervention is required.

Critical

Red

Serious problems have been encountered. Administrator's intervention is required to solve them.

Informational

Light blue

Events have been logged that are unrelated to potential or actual threats to the security of managed devices.

The administrator's goal is to keep traffic lights on all of the information panels on the Monitoring tab green.

The information panels also show logged events that affect traffic lights and the status of Kaspersky Security Center (see the table below).

Name, description, and traffic light colors of logged events

Traffic light color

Event type display name

Event type

Description

Red

License expired on %1 device(s)

IDS_AK_STATUS_LIC_EXPAIRED

Events of this type occur when the commercial license has expired.

Once a day Kaspersky Security Center checks whether the license has expired on the devices.

When the commercial license expires, Kaspersky Security Center provides only basic functionality.

To continue using Kaspersky Security Center, renew your commercial license.

Red

Security application is not running on: %1 device(s)

IDS_AK_STATUS_AV_NOT_RUNNING

Events of this type occur when the security application installed on the device is not running.

Make sure that Kaspersky Endpoint Security is running on the device.

Red

Protection is disabled on: %1 device(s)

IDS_AK_STATUS_RTP_NOT_RUNNING

Events of this type occur when the security application on the device has been disabled for longer than the specified time interval.

Check the current status of real-time protection on the device and make sure that all the protection components that you need are enabled.

Red

A software vulnerability has been detected on devices

IDS_AK_STATUS_VULNERABILITIES_FOUND

Events of this type occur when the Find vulnerabilities and required updates task has detected vulnerabilities with the severity level specified in applications installed on the device.

Check the list of available updates in the Software updates subfolder included in the Application management folder. This folder contains a list of updates for Microsoft applications and other software vendors products retrieved by Administration Server, which can be distributed to devices.

After viewing information about available updates, install them on the device.

Red

Critical events have been registered on the Administration Server

IDS_AK_STATUS_EVENTS_OCCURED

Events of this type occur when Administration Server critical events are detected.

Check the list of events stored on the Administration Server, and then fix the critical events one by one.

Red

Errors have been logged in events on the Administration Server

IDS_AK_STATUS_ERROR_EVENTS_OCCURED

Events of this type occur when unexpected errors are logged on the Administration Server side.

Check the list of events stored on the Administration Server, and then fix the errors one by one.

Red

Lost connection to %1 device(s)

IDS_AK_STATUS_ADM_LOST_CONTROL1

Events of this type occur when the connection between the Administration Server and the device is lost.

View the list of disconnected devices and try to reconnect them.

Red

%1 device (s) have not connected to the Administration Server in a long time

IDS_AK_STATUS_ADM_NOT_CONNECTED1

Events of this type occur when the device has not connected to the Administration Server within the specified time interval, because the device was turned off.

Make sure that the device is turned on and that Network Agent is running.

Red

%1 device(s) have a status other than OK

IDS_AK_STATUS_HOST_NOT_OK

Events of this type occur when the OK status of the device connected to the Administration Server changes to Critical or Warning.

You can troubleshoot the problem by using the Kaspersky Security Center remote diagnostics utility.

Red

Databases are outdated on: %1 device(s)

IDS_AK_STATUS_UPD_HOSTS_NOT_UPDATED

Events of this type occur when the anti-virus databases have not been updated on the device within the specified time interval.

Follow the instructions to update Kaspersky databases.

Red

Device(s) where check for Windows Update updates has not been performed in a long time: %1

IDS_AK_STATUS_WUA_DATA_OBSOLETE

Events of this type occur when the Perform Windows Update synchronization task has not been run within the specified time interval.

Follow the instructions to synchronize updates from Windows Update with Administration Server.

Red

%1 plug-in(s) for Kaspersky Security Center 14 must be installed

IDS_AK_STATUS_PLUGINS_REQUIRED2

Events of this type occur when you need to install additional plug-ins for Kaspersky applications.

Download and install the required management plug-ins for the Kaspersky application from the Kaspersky Technical Support webpage.

Red

Active threats are detected on %1 device(s)

IDS_AK_STATUS_NONCURED_FOUND

Events of this type occur when active threats are detected on managed devices.

View information about the detected threats, and then follow the recommendations.

Red

Task %1 has completed with an error

IDS_AK_STATUS_TASK_FAILED

Events of this type occur when a task execution completes with an error.

Check the properties of the task, and then reconfigure the task.

Red

Too many viruses have been detected on: %1 device(s)

IDS_AK_STATUS_TOO_MANY_THREATS

Events of this type occur when viruses are detected on managed devices.

View information about the detected viruses, and then follow the recommendations.

Red

Virus outbreak

IDS_AK_STATUS_VIRUS_OUTBREAK

Events of this type occur when the number of malicious objects detected on several managed devices exceeds the threshold within a short period of time.

View information about the detected threats, and then follow the recommendations.

Red

Databases in the repository have not been updated in a long time

IDS_AK_STATUS_UPD_SERVER_NOT_UPTODATE

Events of this type occur when the anti-virus databases have not been updated on the device for two days.

Check the frequency of updating the anti-virus databases, and then update the anti-virus databases.

Yellow

Databases in the repository have not been updated in a long time

IDS_AK_STATUS_UPD_SERVER_NOT_UPTODATE

Events of this type occur when the anti-virus databases have not been updated on the device for more than one day but less than two days.

Check the frequency of updating the anti-virus databases, and then update the anti-virus databases.

Yellow

Conflict of NetBIOS names has been detected on devices

IDS_AK_STATUS_ADM_NAME_CONFLICT

Events of this type occur when the devices have the same NetBIOS names.

Rename the devices.

Yellow

On %s device(s), data encryption has switched to the status specified in the device status detection criteria

IDS_AK_STATUS_ENCRYPTION_FAULTS_FOUND

Events of this type occur when data encryption fails on managed devices.

 

Yellow

License %1 expires in %2 days

IDS_AK_STATUS_LIC_EXPAIRING

Events of this type occur when the license on the device expires in a specified number of days.

To continue using Kaspersky Security Center, renew your commercial license.

Yellow

Unassigned devices that have Network Agent installed: %1

IDS_AK_STATUS_NAGENTS_IN_UNASSIGNED

Events of this type occur when new devices are discovered on the network.

Move the devices with Network Agent to the groups of managed devices.

Yellow

Network Agents on %1 device(s) cannot run until restart. For the previous time, this status was %2

IDS_AK_STATUS_NAGENTS_NOT_RUNNING_UNTIL_REBOOT

Events of this type occur when Network Agent is not running on the devices.

Restart the devices.

Yellow

Detected files must be sent to Kaspersky for further analysis

IDS_AK_STATUS_NEW_APS_FILE_APPEARED

Events of this type occur when files that are probably infected with viruses are detected and moved to Quarantine.

Send the files to Kaspersky for further analysis.

Yellow

Managed device(s): %1. Security application is installed on: %2 device(s)

IDS_AK_STATUS_NO_AV

Events of this type occur when Kaspersky Endpoint Security is not installed on all managed devices.

Install Kaspersky Endpoint Security on all managed devices.

Yellow

Installation task %1 has completed successfully on %2 device(s); restart is required on %3 device(s)

IDS_AK_STATUS_RI_NEED_REBOOT

Events of this type occur when Kaspersky Endpoint Security has just been installed on managed devices.

Reboot the devices after Kaspersky Endpoint Security is installed.

Yellow

Malware scan has not been performed in a long time on: %1 device(s)

IDS_AK_STATUS_SCAN_LATE

Events of this type occur when you need to perform a malware scan on managed devices.

Run a virus scan.

Yellow

Device(s) with software vulnerabilities detected: %1

IDS_AK_STATUS_VULNERABLE_HOSTS_FOUND

Events of this type occur when vulnerabilities are detected on a managed device.

View information about detected vulnerabilities and fix them.

Green

Managed device(s): %3. Unassigned device(s) detected: %1

IDS_AK_STATUS_ADM_OK1

Events of this type occur when new devices are detected in administration groups.

Green

Security application is installed on all managed devices

IDS_AK_STATUS_DEPLOYMENT_OK

Events of this type occur when Kaspersky Endpoint Security is installed on all managed devices.

Green

Kaspersky Security Center is functioning properly

IDS_AK_STATUS_GENERAL_OK

Events of this type occur when Kaspersky Security Center is functioning properly.

Green

Real-time protection application is not installed

IDS_AK_STATUS_RTP_NA

Events of this type occur when the anti-virus application is not installed on managed devices.

Green

Protection is enabled

IDS_AK_STATUS_RTP_OK

Events of this type occur when the real-time protection is enabled on managed devices.

Green

Security application is not installed

IDS_AK_STATUS_SCAN_NA

Events of this type occur when the anti-virus application is not installed on managed devices.

Green

Malware scan is running on schedule

IDS_AK_STATUS_SCAN_OK

Events of this type occur when the Malware scan task is running on schedule.

Green

Updates repository has been last updated: %1

IDS_AK_STATUS_UPD_OK

Events of this type occur when the updates repository is updated.

Light blue

Databases in the repository have not been updated in a long time

IDS_AK_STATUS_UPD_SERVER_NOT_UPTODATE

Events of this type occur when the anti-virus databases were updated during the day.

Light blue

The accepted Kaspersky Security Network Statement is obsolete

IDS_AK_STATUS_ACCEPTED_KSN_AGREEMENT_OBSOLETE

Events of this type occur when Kaspersky Security Network Statement becomes out-of-date.

Light blue

Kaspersky software updates have not been approved

IDS_AK_STATUS_APPLICABLE_KL_PATCHES_NOT_APPROVED

Events of this type occur when the administrator has not yet approved the applicable patches for managed Kaspersky applications.

Light blue

Kaspersky application updates have been revoked

IDS_AK_STATUS_APPLICABLE_KL_PATCHES_REVOKED

Events of this type occur when the administrator has not yet declined the revoked patches.

Light blue

End User License Agreement for Kaspersky mobile software has not been accepted

IDS_AK_STATUS_KL_MOBILE_EULAS_NOT_ACCEPTED

Events of this type occur when the administrator has not yet accepted the End User License Agreement for Kaspersky mobile software.

Light blue

End User License Agreement for Kaspersky software updates has not been accepted

IDS_AK_STATUS_KL_PATCHES_EULAS_NOT_ACCEPTED

Events of this type occur when the administrator has not yet accepted the End User License Agreement for Kaspersky software updates.

Light blue

Kaspersky Security Network Statement for Kaspersky software updates has not been accepted

IDS_AK_STATUS_KL_PATCHES_KSN_AGREEMENTS_NOT_ACCEPTED

Events of this type occur when the administrator has not yet accepted the Kaspersky Security Network Statement for Kaspersky software updates.

Light blue

You must accept the License Agreement to install updates

IDS_AK_STATUS_NEED_ACCEPT_EULA

Events of this type occur when new updates are available for installation, but the administrator has not yet accepted the License Agreement.

Light blue

New versions of Kaspersky applications are available

IDS_AK_STATUS_NEW_DISTRIBUTIVES_AVAILABLE

Events of this type occur when new versions of Kaspersky applications are available for installation on managed devices.

Light blue

Updates are available for Kaspersky Security Center components

IDS_AK_STATUS_NEW_KSC_VERSIONS_AVAILABLE

Events of this type occur when updates are available for Kaspersky Security Center components.

Light blue

Updates are available for Kaspersky applications

IDS_AK_STATUS_NEW_VERSIONS_AVAILABLE

Events of this type occur when updates are available for Kaspersky applications.

Light blue

Application installation task %1 has completed successfully on %2 device(s), failed on %3 device(s)

IDS_AK_STATUS_RI_FAILED

Events of this type occur when the Application installation task has installed the software only on some devices in the specified pool.

Light blue

Running deployment task - %1 (%2%%)

IDS_AK_STATUS_RI_RUNNING

Events of this type occur when a deployment task is running on managed devices.

Light blue

Full scan has never been performed on %1 device(s)

IDS_AK_STATUS_SCAN_NOT_SCANNED

Events of this type occur when a full scan has never been performed on the specified number of devices.

Light blue

Running the update download task (progress: %1 %%)

IDS_AK_STATUS_UPD_SRV_UPDATE_IN_PROGRESS

Events of this type occur when a task for downloading updates is running on managed devices.

Page top