Kaspersky Unified Monitoring and Analysis Platform
- About Kaspersky Unified Monitoring and Analysis Platform
- Program architecture
- Installing and removing KUMA
- Program licensing
- About the End User License Agreement
- About the license
- About the license certificate
- About the license key
- About the key file
- Adding a license key to the program web interface
- Viewing information about an added license key in the program web interface
- Removing a license key in the program web interface
- Integration with other solutions
- Integration with Kaspersky Security Center
- Integration with Kaspersky CyberTrace
- Integration with Kaspersky Threat Intelligence Portal
- Integration with R-Vision Incident Response Platform
- Integration with Active Directory
- Integration with RuCERT
- KUMA resources
- KUMA services
- Analytics
- Working with tenants
- Working with incidents
- About the incidents table
- Saving and selecting incident filter configuration
- Deleting incident filter configurations
- Viewing detailed incident data
- Incident creation
- Incident processing
- Changing incidents
- Automatic linking of alerts to incidents
- Categories and types of incidents
- Exporting incidents to RuCERT
- Working with alerts
- Working with events
- Retroscan
- Managing assets
- Managing KUMA
- Contacting Technical Support
- REST API
- REST API authorization
- Standard error
- Operations
- View list of active lists on the correlator
- Import entries to an active list
- Searching alerts
- Closing alerts
- Searching assets
- Import assets
- Deleting assets
- Searching events
- Viewing information about the cluster
- Resource search
- Loading resource file
- Viewing the contents of a resource file
- Import of resources
- Export resources
- Downloading the resource file
- Search for services
- Tenant search
- View token bearer information
- Appendices
- Commands for components manual starting and installing
- Normalized event data model
- Correlation event fields
- Audit event fields
- Event fields with general information
- User was successfully logged in or failed to log in
- User login successfully changed
- User role was successfully changed
- Other data of the user was successfully changed
- User successfully logged out
- User password was successfully changed
- User was successfully created
- User access token was successfully changed
- Service was successfully created
- Service was successfully deleted
- Service was successfully reloaded
- Service was successfully restarted
- Service was successfully started
- Service was successfully paired
- Service status was changed
- Storage index was deleted by user
- Storage partition was deleted automatically due to expiration
- Active list was successfully cleared or operation failed
- Active list item was successfully deleted or operation was unsuccessful
- Active list was successfully imported or operation failed
- Active list was exported successfully
- Resource was successfully added
- Resource was successfully deleted
- Resource was successfully updated
- Asset was successfully created
- Asset was deleted successfully
- Asset category was successfully added
- Asset category was deleted successfully
- Settings were successfully updated
- Information about third-party code
- Trademark notices
Integration with other solutions > Integration with Kaspersky Security Center > Managing Kaspersky Security Center connections > Creating Kaspersky Security Center connection
Creating Kaspersky Security Center connection
Creating Kaspersky Security Center connection
To create a new Kaspersky Security Center connection:
- Open the KUMA web interface and select the Settings section.
- In the left part of the Settings section, select the Settings → KSC tab.
The Connections to Kaspersky Security Center table will appear on the right in the Settings section.
- Select the tenant for which you want to create a connection to Kaspersky Security Center.
The Kaspersky Security Center connection table will appear on the right in the Settings section.
- Click the Add KSC connection button and set the parameters as described below:
- Name (required)—enter the unique name of the Kaspersky Security Center connection. Must contain from 1 to 128 Unicode characters.
- URL (required)—enter the URL of the Kaspersky Security Center server in the hostname:port or IPv4:port format.
- Disabled—clear this check box if you want to use this Kaspersky Security Center connection. By default, this check box is cleared.
- In the Secret drop-down list select the Secret resource with the credentials of the Kaspersky Security Center you need or create a new Secret resource using the plus button.
Creating resource with Kaspersky Security Center credentials
Credentials for the Kaspersky Security Center server are stored in the Secret resources.
To create the Secret resource with Kaspersky Security Center server credentials:
- In the Resources section of the KUMA web interface, select Secrets.
The list of available secrets will be displayed.
- On the left in the Secrets window select the tenant in which the connection to Kaspersky Security Center with these credentials will be used.
- If required, select the folder where you want to create the secret.
- Click the Add secret button to create a new secret. This resource is used to store credentials of the Kaspersky Security Center server.
The secret window is displayed.
- Enter information about the secret:
- In the Name field, choose a name for the added secret.
- In the Tenant drop-down list, select the tenant that will own the Kaspersky Security Center account credentials.
- In the Type drop-down list, select credentials.
- In the User and Password fields, enter credentials for your Kaspersky Security Center server.
- If you want, enter a Description of the secret.
- Click Save.
The Kaspersky Security Center server credentials are now saved and can be used in other KUMA resources.
- In the Resources section of the KUMA web interface, select Secrets.
- Click Save.
The Kaspersky Security Center connection has been created. It can be used to import information about assets from Kaspersky Security Center to KUMA and to create asset related tasks in Kaspersky Security Center from KUMA.
Article ID: 217788, Last review: Sep 2, 2022