For each event type, its display name, identifier (ID), alphabetic code, description, and the default storage term are provided.
Event type display name. This text is displayed in Kaspersky Security Center Linux when you configure events and when they occur.
Event type ID. This numerical code is used when you process events by using third-party tools for event analysis.
Event type (alphabetic code). This code is used when you browse and process events by using public views that are provided in the Kaspersky Security Center Linux database and when events are exported to a SIEM system.
Description. This text contains the situations when an event occurs and what you can do in such a case.
Default storage term. This is the number of days during which the event is stored in the Administration Server database and is displayed in the list of events on Administration Server. After this period elapses, the event is deleted. If the event storage term value is 0, such events are detected but are not displayed in the list of events on Administration Server. If you configured to save such events to the operating system event log, you can find them there.