Limitations of Kaspersky Security Integration with SIEM

Kaspersky Security Integration with SIEM has the following limitations:

• One Kaspersky Security for Microsoft Office 365 workspace can be simultaneously integrated either with Splunk Enterprise or with Autotask/ConnectWise Manage.
• Out of different SIEM systems, the application supports only Splunk Enterprise.
• After configuring an integration, you cannot remove either a client certificate or a server certificate.
• The application does not support Kaspersky Business Hub accounts that have two-step verification enabled. Therefore, before connecting Kaspersky Security Integration with SIEM to Kaspersky Business Hub, you must disable two-step verification in the settings of your account on Kaspersky Business Hub. After the integration is configured, you can enable two-step verification again.
• When a problem that resulted in sending an event is resolved, Splunk Enterprise is not notified about this.

Page top