In KUMA, you can receive events directly from the Kaspersky Security Center SQL database. Events are received by using a collector, which utilizes the provided resources of the connector [Example] KSC SQL and normalizer [Example] KSC from SQL.
To create a collector to receive Kaspersky Security Center events:
sqlserver://user:password@kscdb.example.com:1433/KAV
where:
user
—user account with public and db_datareader rights to the required database.password
—user account password.kscdb.example.com:1433
—address and port of the database server.KAV
—name of the database.An example of a query to the Kaspersky Security Center SQL database
Upon completion of the Wizard, a collector service is created in the KUMA web interface. You can use this collector service to import events from the SQL database of Kaspersky Security Center.
Page top