Kaspersky Security Center Linux can notify the administrator about events on client devices by running an executable file. The executable file must contain another executable file with placeholders of the event to be relayed to the administrator.
Placeholders for describing an event
Placeholder |
Placeholder description |
---|---|
%SEVERITY% |
Event importance level |
%COMPUTER% |
Name of the device where the event occurred |
%DOMAIN% |
Domain |
%EVENT% |
Event |
%DESCR% |
Event description |
%RISE_TIME% |
Time created |
%KLCSAK_EVENT_TASK_DISPLAY_NAME% |
Task name |
%KL_PRODUCT% |
Network Agent |
%KL_VERSION% |
Network Agent version number |
%HOST_IP% |
IP address |
%HOST_CONN_IP% |
Connection IP address |
Example: Event notifications are sent by an executable file (such as script1.bat) inside which another executable file (such as script2.bat) with the %COMPUTER% placeholder is launched. When an event occurs, the script1.bat file is run on the administrator's device, which, in turn, runs the script2.bat file with the %COMPUTER% placeholder. The administrator then receives the name of the device where the event occurred. |