File Integrity Monitor
This component is available if Kaspersky Endpoint Security is installed on a computer that runs on Windows for servers. This component is unavailable if Kaspersky Endpoint Security is installed on a computer that runs on Windows for workstations.
File Integrity Monitor works only on servers with NTFS or ReFS file system.
Kaspersky Endpoint Security for Windows 11.11.0 includes the File Integrity Monitor component. File Integrity Monitor detects changes to objects (files and folders) in a given monitoring area. These changes may indicate a computer security breach. When object changes are detected, the application informs the administrator.
To use File Integrity Monitor you need to configure component's scope, i.e. select objects, the state of which should be monitored by the component.
You can view information about the results of File Integrity Monitor operation in Kaspersky Security Center and in the interface of Kaspersky Endpoint Security for Windows.
File Integrity Monitor component settings
Parameter | Description |
|---|---|
Event severity level | Kaspersky Endpoint Security logs file modification events whenever a file in the monitoring scope is modified. The following event severity levels are available: Informational, Warning, Critical. |
Monitoring scope | List of files and folders that File Integrity Monitor monitors. Kaspersky Endpoint Security supports environment variables and the |
Exclusions | List of exclusions from the monitoring scope. Kaspersky Endpoint Security supports environment variables and the |
