Device search settings
Expand all | Collapse all
Below are descriptions of the settings used for searching managed devices. Search results are displayed in the lower part of the window.
Network
On the Network tab, you can specify the criteria that will be used to search for devices according to their network data:
- Device name or IP address
Windows network name (NetBIOS name) of the device, or the IPv4 or IPv6 address.
- Windows domain
Displays all devices included in the specified Windows domain.
- Administration group
Displays devices included in the specified administration group.
- Description
Text in the device properties window: In the Description field of the General section.
To describe text in the Description field, you can use the following characters:
- Within a word:
- *. Replaces any string with any number of characters.
Example:
To describe words such as Server or Server's, you can enter Server*.
- ?. Replaces any single character.
Example:
To describe words such as Window or Windows, you can enter Windo?.
Asterisk (*) or question mark (?) cannot be used as the first character in the query.
- To find several words:
- Space. Displays all the devices whose descriptions contain any of the listed words.
Example:
To find a phrase that contains Secondary or Virtual words, you can include Secondary Virtual line in your query.
- +. When a plus sign precedes a word, all search results will contain this word.
Example:
To find a phrase that contains both Secondary and Virtual, enter the +Secondary+Virtual query.
- -. When a minus sign precedes a word, no search results will contain this word.
Example:
To find a phrase that contains Secondary and does not contain Virtual, enter the +Secondary-Virtual query.
- "<some text>". Text enclosed in quotation marks must be present in the text.
Example:
To find a phrase that contains Secondary Server word combination, you can enter "Secondary Server" in the query.
- IP range
If this option is enabled, you can enter the initial and final IP addresses of the IP range in which the relevant devices must be included.
By default, this option is disabled.
- Managed by a different Administration Server
Select one of the following values:
- Yes. Only the client devices managed by other Administration Servers are considered.
- No. Only the client devices managed by the same Administration Server are considered.
- No value is selected. The criterion will not be applied.
Tags
On the Tags tab, you can configure a device search based on key words (tags) that were previously added to the descriptions of managed devices:
- Apply if at least one specified tag matches
If this option is enabled, the search results will show devices with descriptions that contain at least one of the selected tags.
If this option is disabled, the search results will only show devices with descriptions that contain all the selected tags.
By default, this option is disabled.
- Tag must be included
If this option is selected, the search results will display the devices whose descriptions contain the selected tag. To find devices, you can use the asterisk, which stands for any string with any number of characters.
By default, this option is selected.
- Tag must be excluded
If this option is selected, the search results will display the devices whose descriptions do not contain the selected tag. To find devices, you can use the asterisk, which stands for any string with any number of characters.
Active Directory
On the Active Directory tab, you can specify that devices should be searched for in the Active Directory organizational unit (OU) or group. You can also include devices from all child OUs of the specified Active Directory OU in the selection. To select devices, define the following settings:
Network activity
On the Network activity tab, you can specify the criteria that will be used to search for devices according to their network activity:
- This device is a distribution point
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The selection includes devices that act as distribution points.
- No. Devices that act as distribution points are not included in the selection.
- No value is selected. The criterion will not be applied.
- Do not disconnect from the Administration Server
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Enabled. The selection will include devices on which the Do not disconnect from the Administration Server check box is selected.
- Disabled. The selection will include devices on which the Do not disconnect from the Administration Server check box is cleared.
- No value is selected. The criterion will not be applied.
- Connection profile switched
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The selection will include devices that connected to the Administration Server after the connection profile was switched.
- No. The selection will not include devices that connected to the Administration Server after the connection profile was switched.
- No value is selected. The criterion will not be applied.
- Last connected to Administration Server
You can use this check box to set a search criterion for devices according to the time they last connected to the Administration Server.
If this check box is selected, in the entry fields you can specify the time interval (date and time) during which the last connection was established between Network Agent installed on the client device and the Administration Server. The selection will include devices that fall within the specified interval.
If this check box is cleared, the criterion will not be applied.
By default, this check box is cleared.
- New devices detected by network poll
Searches for new devices that have been detected by network polling over the last few days.
If this option is enabled, the selection only includes new devices that have been detected by device discovery over the number of days specified in the Detection period (days) field.
If this option is disabled, the selection includes all devices that have been detected by device discovery.
By default, this option is disabled.
- Device is visible
In the drop-down list, you can set up the criterion for including devices in the selection when performing search:
- Yes. The application includes in the selection devices that are currently visible in the network.
- No. The application includes in the selection devices that are currently invisible in the network.
- No value is selected. The criterion will not be applied.
Application
On the Application tab, you can specify the criteria that will be used to search for devices according to the selected managed application:
- Application name
In the drop-down list, you can set a criterion for including devices in a selection when search is performed by the name of a Kaspersky application.
The list provides only the names of applications with management plug-ins installed on the administrator's workstation.
If no application is selected, the criterion will not be applied.
- Application version
In the entry field, you can set a criterion for including devices in a selection when search is performed by the version number of a Kaspersky application.
If no version number is specified, the criterion will not be applied.
- Critical update name
In the entry field, you can set a criterion for including devices in a selection when search is performed by application name or by update package number.
If the field is left blank, the criterion will not be applied.
- Modules last updated
You can use this option to set a criterion for searching devices by time of the last update of modules of applications installed on those devices.
If this check box is selected, in the entry fields you can specify the time interval (date and time) during which the last update of modules of applications installed on those devices was performed.
If this check box is cleared, the criterion will not be applied.
By default, this check box is cleared.
- Device is managed through Kaspersky Security Center 13.2
In the drop-down list, you can include in the selection the devices managed through Kaspersky Security Center:
- Yes. The application includes in the selection devices managed through Kaspersky Security Center.
- No. The application includes devices in the selection if they are not managed through Kaspersky Security Center.
- No value is selected. The criterion will not be applied.
- Security application is installed
In the drop-down list, you can include in the selection all devices with the security application installed:
- Yes. The application includes in the selection all devices with the security application installed.
- No. The application includes in the selection all devices with no security application installed.
- No value is selected. The criterion will not be applied.
Operating system
On the Operating system tab, you can set up the following criteria to find devices by their operating system (OS) type:
- Operating system version
If the check box is selected, you can select an operating system from the list. Devices with the specified operating systems installed are included in the search results.
- Operating system bit size
In the drop-down list, you can select the architecture for the operating system, which will determine how the moving rule is applied to the device (Unknown, x86, AMD64, or IA64). By default, no option is selected in the list so that the operating system's architecture is not defined.
- Operating system service pack version
In this field, you can specify the package version of the operating system (in the X.Y format), which will determine how the moving rule is applied to the device. By default, no version value is specified.
- Operating system build
This setting is applicable to Windows operating systems only.
The build number of the operating system. You can specify whether the selected operating system must have an equal, earlier, or later build number. You can also configure searching for all build numbers except the specified one.
- Operating system release ID
This setting is applicable to Windows operating systems only.
The release identifier (ID) of the operating system. You can specify whether the selected operating system must have an equal, earlier, or later release ID. You can also configure searching for all release ID numbers except the specified one.
Device status
On the Device status tab, you can specify criteria for searching devices based on the device status from the managed application:
- Device status
Drop-down list in which you can select one of the device statuses: OK, Critical, or Warning.
- Real-time protection status
Drop-down list, in which you can select the real-time protection status. Devices with the specified real-time protection status are included in the selection.
- Device status description
In this field, you can select the check boxes next to conditions that, if met, assign one of the following statuses to the device:
OK, Critical, or Warning.
- Device status defined by application
Drop-down list, in which you can select the real-time protection status. Devices with the specified real-time protection status are included in the selection.
Protection components
On the Protection components tab, you can set up the criteria to search for client devices by their protection status.
- Databases released
If this option is selected, you can search for client devices by anti-virus database release date. In the entry fields you can set the time interval, on the basis of which the search is performed.
By default, this option is disabled.
- Last scanned
If this check option is enabled, you can search for client devices by time of the last virus scan. In the entry fields you can specify the time period within which the last virus scan was performed.
By default, this option is disabled.
- Total number of threats detected
If this option is enabled, you can search for client devices by number of viruses detected. In the entry fields you can set the lower and upper threshold values for the number of viruses found.
By default, this option is disabled.
Applications registry
On the Applications registry tab, you can configure the search for devices according to applications installed on them:
- Application name
Drop-down list in which you can select an application. Devices on which the specified application is installed, are included in the selection.
- Application version
Entry field in which you can specify the version of selected application.
- Vendor
Drop-down list in which you can select the manufacturer of an application installed on the device.
- Application status
A drop-down list in which you can select the status of an application (Installed, Not installed). Devices on which the specified application is installed or not installed, depending on the selected status, will be included in the selection.
- Find by update
If this option is enabled, search will be performed using the details of updates for applications installed on the relevant devices. After you select the check box, the Application name, Application version, and Application status fields change to Update name, Update version, and Status respectively.
By default, this option is disabled.
- Incompatible security application name
Drop-down list in which you can select third-party security applications. During the search, devices on which the specified application is installed, are included in the selection.
- Application tag
In the drop-down list, you can select the application tag. All devices that have installed applications with the selected tag in the description are included in the device selection.
Hierarchy of Administration Servers
On the Hierarchy of Administration Servers tab, check the Include data from secondary Administration Servers (down to level) box if you want the information stored on secondary Administration Servers to be considered while searching for devices, and in the entry field, you can specify the nesting level of secondary Administration Server from which information is considered while searching for devices. By default, this check box is cleared.
Virtual machines
On the Virtual machines tab, you can configure the search for devices according to whether these are virtual machines or part of virtual desktop infrastructure (VDI):
- This is a virtual machine
In the drop-down list, you can select the following options:
- Not important.
- No. Find devices that are not virtual machines.
- Yes. Find devices that are virtual machines.
- Virtual machine type
In the drop-down list, you can select the virtual machine manufacturer.
This drop-down list is available if the Yes or Not important value is selected in the This is a virtual machine drop-down list.
- Part of Virtual Desktop Infrastructure
In the drop-down list, you can select the following options:
- Not important.
- No. Find devices that are not part of Virtual Desktop Infrastructure.
- Yes. Find devices that are part of the Virtual Desktop Infrastructure (VDI).
Hardware
On the Hardware tab, you can configure search for client devices according to their hardware:
- Device
In the drop-down list, you can select a unit type. All devices with this unit are included in the search results.
The field supports the full-text search.
- Vendor
In the drop-down list, you can select the name of a unit manufacturer. All devices with this unit are included in the search results.
The field supports the full-text search.
- Description
Description of the device or hardware unit. Devices with the description specified in this field are included in the selection.
A device's description in any format can be entered in the properties window of that device. The field supports the full-text search.
- Inventory number
Equipment with the inventory number specified in this field will be included in the selection.
- CPU frequency, in MHz
The frequency range of a CPU. Devices with CPUs that match the frequency range in these fields (inclusive) will be included in the selection.
- Virtual CPU cores
Range of the number of virtual cores in a CPU. Devices with CPUs that match the range in these fields (inclusive) will be included in the selection.
- Hard drive volume, in GB
Range of values for the size of the hard drive on the device. Devices with hard drives that match the range in these entry fields (inclusive) will be included in the selection.
- RAM size, in MB
Range of values for the size of the device RAM. Devices with RAMs that match the range in these entry fields (inclusive) will be included in the selection.
Vulnerabilities and updates
On the Vulnerabilities and updates tab, you can set up the criterion to search for devices according to their Windows Update source:
- WUA is switched to Administration Server
You can select one of the following search options from the drop-down list:
- Yes. If this option is selected, the search results will include devices that receive updates through Windows Update from the Administration Server.
- No. If this option is selected, the results will include devices that receive updates through Windows Update from another sources.
Users
On the Users tab, you can set up the criteria to search for devices according to the accounts of users who have logged in to the operating system.
- Last user who logged in to the system
If this option is enabled, click the Browse button to specify a user account. The search results include devices on which the specified user performed the last login to the system.
- User who logged in to the system at least once
If this option is enabled, click the Browse button to specify a user account. The search results include devices on which the specified user logged in to the system at least once.
Status-affecting problems in managed applications
On the Status-affecting problems in managed applications tab, you can set up search for devices according to descriptions of their statuses provided by the managed application:
- Device status description
You can select check boxes for descriptions of statuses from the managed application; upon receipt of these statuses, the devices will be included in the selection. When you select a status listed for several applications, you have the option to select this status in all of the lists automatically.
Statuses of components in managed applications
On the Statuses of components in managed applications tab, you can set up the criteria to search for devices according to the statuses of components in managed applications:
- Data Leakage Prevention status
Search for devices by the status of Data Leakage Prevention (No data from device, Stopped, Starting, Paused, Running, Failed).
- Collaboration servers protection status
Search for devices by the status of server collaboration protection (No data from device, Stopped, Starting, Paused, Running, Failed).
- Anti-virus protection status of mail servers
Search for devices by the status of Mail Server protection (No data from device, Stopped, Starting, Paused, Running, Failed).
- Endpoint Sensor status
Search for devices by the status of the Endpoint Sensor component (No data from device, Stopped, Starting, Paused, Running, Failed).
Encryption
- Encryption
Advanced Encryption Standard (AES) symmetrical block cipher algorithm. In the drop-down list, you can select the encryption key size (56-bit, 128-bit, 192-bit, or 256-bit).
Available values: AES56, AES128, AES192, and AES256.
Cloud segments
On the Cloud segments tab, you can configure a search based on whether a device belongs to specific cloud segments:
- Device is in a cloud segment
If this option is enabled, you can click the Browse button to specify the segment to search.
If the Include child objects option is also enabled, the search is run on all child objects of the specified segment.
Search results include only devices from the selected segment.
- Device discovered by using the API
In the drop-down list, you can select whether a device is detected by API tools:
- AWS. The device is discovered by using the AWS API, that is, the device is definitely in the AWS cloud environment.
- Azure. The device is discovered by using the Azure API, that is, the device is definitely in the Azure cloud environment.
- Google Cloud. The device is discovered by using the Google API, that is, the device is definitely in the Google Cloud environment.
- No. The device cannot be detected by using the AWS, Azure, or Google API, that is, it is either outside the cloud environment or it is in the cloud environment but it cannot be detected by using an API.
- No value. This condition does not apply.
Application components
This section contains the list of components of those applications that have corresponding management plug-ins installed in Administration Console.
In the Application components section, you can specify criteria for including devices in a selection according to the statuses and version numbers of the components that refer to the application that you select:
- Status
Search for devices according to the component status sent by an application to the Administration Server. You can select one of the following statuses: No data from device, Stopped, Starting, Paused, Running, Malfunction, or Not installed. If the selected component of the application installed on a managed device has the specified status, the device is included in the device selection.
Statuses sent by applications:
- Starting—The component is currently in the process of initialization.
- Running—The component is enabled and working properly.
- Paused—The component is suspended, for example, after the user has paused protection in the managed application.
- Malfunction—An error has occurred during the component operation.
- Stopped—The component is disabled and not working at the moment.
- Not installed—The user did not select the component for installation when configuring custom installation of the application.
Unlike other statuses, the No data from device status is not sent by applications. This option shows that the applications have no information about the selected component status. For example, this can happen when the selected component does not belong to any of the applications installed on the device, or when the device is turned off.
- Version
Search for devices according to the version number of the component that you select in the list. You can type a version number, for example 3.4.1.0
, and then specify whether the selected component must have an equal, earlier, or later version. You can also configure searching for all versions except the specified one.
Page top