Support

Support for business applications

Kaspersky Endpoint Detection and Response Expert

Custom rules

Viewing and configuring custom rules list
Kaspersky Endpoint Detection and Response Expert
Online Help
Advice & Solutions FAQ Download Forum Contact support Recovery tools Product videos

Viewing and configuring custom rules list

March 20, 2024

ID 221545

Expand all | Collapse all

The table of custom rules contains information about custom rules that are used to scan events and create alerts. Custom rules are divided into custom IOA rules and exclusions from Kaspersky rules.

To view custom rules:

  1. In the main menu, go to MONITORING & REPORTING → CUSTOM RULES.

    The custom rule section is divided into two tabs.

  2. Go to the Custom IOA rules or Exclusions from Kaspersky rules tab.

The list of custom rules is displayed.

Table columns

The custom rules table has the following columns:

  • Name
  • State
  • Severity
  • Confidence
  • Action
  • Description
  • Recommendations
  • Possible false positives

Sorting the values

To sort values in a custom rules table:

  1. In the main menu, go to MONITORING & REPORTING → CUSTOM RULES.

    The custom rule section is divided into two tabs.

  2. Go to the Custom IOA rules or Exclusions from Kaspersky rules tab.
  3. Click the name of a column, and then choose descending or ascending order.

The values are sorted. The arrow next to the column name shows the sort direction. The sorting parameters are saved for further use.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.