Checking assets status in Kaspersky Security Center

Expand all | Collapse all

You can check the status of your assets by using the MDR Health functionality. It enables you to check which assets are currently protected by Kaspersky Managed Detection and Response and which ones never sent telemetry to Kaspersky Managed Detection and Response.

For assets with Kaspersky Endpoint Security for Windows 12.3 and later working in the Endpoint Detection and Response Agent (EDR Agent) configuration, the displayed status in MDR does not reflect the actual status.

Statuses of the assets that have sent telemetry at least once

To check the assets status:

  1. In the MDR section of Kaspersky Security Center, navigate to the MDR Health tab.
  2. Select the All assets ever seen tab.

    A list of all assets that have sent telemetry to Kaspersky Managed Detection and Response at least once is displayed.

    The following details are displayed for each asset:

  3. Use the following sorting and filtering options to work with this list:
    • Click any column header to sort the list by the selected column values.
    • Click the Status column, and then select the required statuses. The list will be filtered to show only the assets with the selected statuses.
    • Click the filter icon (export), and then select the time period to view only those assets that were last seen during the selected time period. You can also specify a custom time period.
    • Click the export icon (export) above the asset list to make a CSV export.
    • Use the Search field to search for assets by name.

Statuses of the assets that never sent telemetry

This feature is working properly in Kaspersky Security Center 15.1 Windows and later versions, Kaspersky Security Center 15.1 Linux and later versions, and Kaspersky Security Center Cloud Console.

To view the assets that never sent telemetry:

  1. In the MDR section of Kaspersky Security Center, navigate to the MDR Health tab.
  2. Select the Malfunctioning assets tab.

    The console displays a list of the assets that have been added to Kaspersky Security Center, but never sent telemetry to Kaspersky Managed Detection and Response.

    The following details are displayed for each asset:

    • Asset name
    • EPP applications
    • MDR state
    • KSC Server
    • State of critical components
  3. If necessary, you can filter the assets by MDR status. To do so, click the filter icon (export), and then select the required MDR statuses. The console will display only those assets on which the MDR component has one of the selected MDR statuses. Alternatively, select one of the following options:
    • Installed and activated—The list will be filtered to display the assets that have one of the following MDR statuses: Unknown, Stopped, Paused, Starting, Running, or Failed.
    • License is missing or expired—The list will be filtered to display the assets that have the No license MDR status.
  4. If necessary, click the Export button to export the asset list to a CSV file.
Page top