By default, the Log Inspection task has the settings described in the table below. You can change the values of these settings.
Default Log Inspection task settings
Setting |
Default value |
Description |
|---|---|---|
Apply custom rules for log inspection |
Applied. |
You can enable, disable, add, or modify the custom rules. |
Apply predefined rules for log inspection |
Applied. |
You can enable or disable the heuristic analyzer, which detects abnormal activity on the protected device. |
Brute-force attack detection |
10 logon failures per 300 seconds. |
You can set the number of attempts and time frame used, which will be considered as triggers by the heuristic analyzer. |
Network logon |
12:00:00 AM. |
You can indicate the start and end of the time interval during which Kaspersky Security for Windows Server treats sign-in attempts as abnormal activity. |
Exclusions |
Not applied. |
You can specify users and IP addresses which will not trigger the heuristic analyzer. |
Task start schedule |
First run is not scheduled. |
You can configure settings to start the task on a schedule. |