Support

Support for business applications

Kaspersky CyberTrace

User guides

Application for Splunk

Alert templates
Kaspersky CyberTrace
Нет результатов
Online Help
FAQ System requirements Download Contact support Recovery tools Product videos

Alert templates

April 11, 2024

ID 171418

Kaspersky CyberTrace App for Splunk comes with several alert templates that you can use and customize from the Alerts dashboard.

Alert templates and triggers

Following alert templates are available:

  • Matches alert

    This alert is triggered if there were threats detected in the past 24 hours when matching with Kaspersky Threat Data Feeds.

  • No Matches alert

    This alert is triggered if there were no threats detected in the past 24 hours when matching with Kaspersky Threat Data Feeds.

  • Emergency alert

    This alert is triggered if there were 5000 threats detected in the course of 1 minute when matching with Kaspersky Threat Data Feeds.

  • Service Unavailable alert

    This alert is triggered if Kaspersky CyberTrace Service is unavailable.

    This alert contains the date when the alert was generated followed by a timestamp in the UNIX time format.

  • Service Started alert

    This alert is triggered when Kaspersky CyberTrace Service is started.

    This alert contains the date when the alert was generated followed by a timestamp in the UNIX time format.

Alert actions

By default, the Add to Triggered Alerts action is defined for all alerts. As an option, you can add a "Send email" action so that Splunk will send an email message to the email address specified for the action.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.