Monitoring traffic lights and logged events in Administration Console
Administration Console allows you to quickly assess the current status of Kaspersky Security Center and managed devices by checking traffic lights. The traffic lights are shown in the workspace of the Administration Server node, on the Monitoring tab. The tab provides six information panels with traffic lights and logged events. A traffic light is a colored vertical bar on the left side of a panel. Each panel with a traffic light corresponds to a specific functional scope of Kaspersky Security Center (see the table below).
Scopes covered by traffic lights in Administration Console
Panel name | Traffic light scope |
|---|---|
Deployment | Installing Network Agent and security applications on devices on an organization's network |
Management scheme | Structure of administration groups. Network scanning. Device moving rules |
Protection settings | Security application functionality: protection status, malware scanning |
Update | Updates and patches |
Monitoring | Protection status |
Administration Server | Administration Server features and properties |
Each traffic light can be any of these four colors (see the table below). The color of a traffic light depends on the current status of Kaspersky Security Center and on events that were logged.
Color codes of traffic lights
Status | Traffic light color | Traffic light color meaning |
|---|---|---|
Informational | Green | Administrator's intervention is not required. |
Warning | Yellow | Administrator's intervention is required. |
Critical | Red | Serious problems have been encountered. Administrator's intervention is required to solve them. |
Informational | Light blue | Events have been logged that are unrelated to potential or actual threats to the security of managed devices. |
The administrator's goal is to keep traffic lights on all of the information panels on the Monitoring tab green.
The information panels also show logged events that affect traffic lights and the status of Kaspersky Security Center (see the table below).
Name, description, and traffic light colors of logged events
Traffic light color | Event type display name | Event type | Description |
|---|---|---|---|
Red | License expired on %1 device(s) | IDS_AK_STATUS_LIC_EXPAIRED | Events of this type occur when the commercial license has expired. Once a day Kaspersky Security Center checks whether the license has expired on the devices. When the commercial license expires, Kaspersky Security Center provides only basic functionality. To continue using Kaspersky Security Center, renew your commercial license. |
Red | Security application is not running on: %1 device(s) | IDS_AK_STATUS_AV_NOT_RUNNING | Events of this type occur when the security application installed on the device is not running. Make sure that Kaspersky Endpoint Security is running on the device. |
Red | Protection is disabled on: %1 device(s) | IDS_AK_STATUS_RTP_NOT_RUNNING | Events of this type occur when the security application on the device has been disabled for longer than the specified time interval. Check the current status of real-time protection on the device and make sure that all the protection components that you need are enabled. |
Red | A software vulnerability has been detected on devices | IDS_AK_STATUS_VULNERABILITIES_FOUND | Events of this type occur when the Find vulnerabilities and required updates task has detected vulnerabilities with the severity level specified in applications installed on the device. Check the list of available updates in the Software updates subfolder included in the Application management folder. This folder contains a list of updates for Microsoft applications and other software vendors products retrieved by Administration Server, which can be distributed to devices. After viewing information about available updates, install them on the device. |
Red | Critical events have been registered on the Administration Server | IDS_AK_STATUS_EVENTS_OCCURED | Events of this type occur when Administration Server critical events are detected. Check the list of events stored on the Administration Server, and then fix the critical events one by one. |
Red | Errors have been logged in events on the Administration Server | IDS_AK_STATUS_ERROR_EVENTS_OCCURED | Events of this type occur when unexpected errors are logged on the Administration Server side. Check the list of events stored on the Administration Server, and then fix the errors one by one. |
Red | Lost connection to %1 device(s) | IDS_AK_STATUS_ADM_LOST_CONTROL1 | Events of this type occur when the connection between the Administration Server and the device is lost. View the list of disconnected devices and try to reconnect them. |
Red | %1 device (s) have not connected to the Administration Server in a long time | IDS_AK_STATUS_ADM_NOT_CONNECTED1 | Events of this type occur when the device has not connected to the Administration Server within the specified time interval, because the device was turned off. Make sure that the device is turned on and that Network Agent is running. |
Red | %1 device(s) have a status other than OK | IDS_AK_STATUS_HOST_NOT_OK | Events of this type occur when the OK status of the device connected to the Administration Server changes to Critical or Warning. You can troubleshoot the problem by using the Kaspersky Security Center remote diagnostics utility. |
Red | Databases are outdated on: %1 device(s) | IDS_AK_STATUS_UPD_HOSTS_NOT_UPDATED | Events of this type occur when the anti-virus databases have not been updated on the device within the specified time interval. Follow the instructions to update Kaspersky databases. |
Red | Device(s) where check for Windows Update updates has not been performed in a long time: %1 | IDS_AK_STATUS_WUA_DATA_OBSOLETE | Events of this type occur when the Perform Windows Update synchronization task has not been run within the specified time interval. Follow the instructions to synchronize updates from Windows Update with Administration Server. |
Red | %1 plug-in(s) for Kaspersky Security Center must be installed | IDS_AK_STATUS_PLUGINS_REQUIRED2 | Events of this type occur when you need to install additional plug-ins for Kaspersky applications. Download and install the required management plug-ins for the Kaspersky application from the Kaspersky Technical Support webpage. |
Red | Active threats are detected on %1 device(s) | IDS_AK_STATUS_NONCURED_FOUND | Events of this type occur when active threats are detected on managed devices. View information about the detected threats, and then follow the recommendations. |
Red | Task %1 has completed with an error | IDS_AK_STATUS_TASK_FAILED | Events of this type occur when a task execution completes with an error. Check the properties of the task, and then reconfigure the task. |
Red | Too many viruses have been detected on: %1 device(s) | IDS_AK_STATUS_TOO_MANY_THREATS | Events of this type occur when viruses are detected on managed devices. View information about the detected viruses, and then follow the recommendations. |
Red | Virus outbreak | IDS_AK_STATUS_VIRUS_OUTBREAK | Events of this type occur when the number of malicious objects detected on several managed devices exceeds the threshold within a short period of time. View information about the detected threats, and then follow the recommendations. |
Red | Databases in the repository have not been updated in a long time | IDS_AK_STATUS_UPD_SERVER_NOT_UPTODATE | Events of this type occur when the anti-virus databases have not been updated on the device for two days. Check the frequency of updating the anti-virus databases, and then update the anti-virus databases. |
Yellow | Databases in the repository have not been updated in a long time | IDS_AK_STATUS_UPD_SERVER_NOT_UPTODATE | Events of this type occur when the anti-virus databases have not been updated on the device for more than one day but less than two days. Check the frequency of updating the anti-virus databases, and then update the anti-virus databases. |
Yellow | Conflict of NetBIOS names has been detected on devices | IDS_AK_STATUS_ADM_NAME_CONFLICT | Events of this type occur when the devices have the same NetBIOS names. Rename the devices. |
Yellow | On %s device(s), data encryption has switched to the status specified in the device status detection criteria | IDS_AK_STATUS_ENCRYPTION_FAULTS_FOUND | Events of this type occur when data encryption fails on managed devices.
|
Yellow | License %1 expires in %2 days | IDS_AK_STATUS_LIC_EXPAIRING | Events of this type occur when the license on the device expires in a specified number of days. To continue using Kaspersky Security Center, renew your commercial license. |
Yellow | Unassigned devices that have Network Agent installed: %1 | IDS_AK_STATUS_NAGENTS_IN_UNASSIGNED | Events of this type occur when new devices are discovered on the network. Move the devices with Network Agent to the groups of managed devices. |
Yellow | Network Agents on %1 device(s) cannot run until restart. For the previous time, this status was %2 | IDS_AK_STATUS_NAGENTS_NOT_RUNNING_UNTIL_REBOOT | Events of this type occur when Network Agent is not running on the devices. Restart the devices. |
Yellow | Detected files must be sent to Kaspersky for further analysis | IDS_AK_STATUS_NEW_APS_FILE_APPEARED | Events of this type occur when files that are probably infected with viruses are detected and moved to Quarantine. Send the files to Kaspersky for further analysis. |
Yellow | Managed device(s): %1. Security application is installed on: %2 device(s) | IDS_AK_STATUS_NO_AV | Events of this type occur when Kaspersky Endpoint Security is not installed on all managed devices. Install Kaspersky Endpoint Security on all managed devices. |
Yellow | Installation task %1 has completed successfully on %2 device(s); restart is required on %3 device(s) | IDS_AK_STATUS_RI_NEED_REBOOT | Events of this type occur when Kaspersky Endpoint Security has just been installed on managed devices. Reboot the devices after Kaspersky Endpoint Security is installed. |
Yellow | Malware scan has not been performed in a long time on: %1 device(s) | IDS_AK_STATUS_SCAN_LATE | Events of this type occur when you need to perform a malware scan on managed devices. Run a virus scan. |
Yellow | Device(s) with software vulnerabilities detected: %1 | IDS_AK_STATUS_VULNERABLE_HOSTS_FOUND | Events of this type occur when vulnerabilities are detected on a managed device. View information about detected vulnerabilities and fix them. |
Green | Managed device(s): %3. Unassigned device(s) detected: %1 | IDS_AK_STATUS_ADM_OK1 | Events of this type occur when new devices are detected in administration groups. |
Green | Security application is installed on all managed devices | IDS_AK_STATUS_DEPLOYMENT_OK | Events of this type occur when Kaspersky Endpoint Security is installed on all managed devices. |
Green | Kaspersky Security Center is functioning properly | IDS_AK_STATUS_GENERAL_OK | Events of this type occur when Kaspersky Security Center is functioning properly. |
Green | Real-time protection application is not installed | IDS_AK_STATUS_RTP_NA | Events of this type occur when the anti-virus application is not installed on managed devices. |
Green | Protection is enabled | IDS_AK_STATUS_RTP_OK | Events of this type occur when the real-time protection is enabled on managed devices. |
Green | Security application is not installed | IDS_AK_STATUS_SCAN_NA | Events of this type occur when the anti-virus application is not installed on managed devices. |
Green | Malware scan is running on schedule | IDS_AK_STATUS_SCAN_OK | Events of this type occur when the Malware scan task is running on schedule. |
Green | Updates repository has been last updated: %1 | IDS_AK_STATUS_UPD_OK | Events of this type occur when the updates repository is updated. |
Light blue | Databases in the repository have not been updated in a long time | IDS_AK_STATUS_UPD_SERVER_NOT_UPTODATE | Events of this type occur when the anti-virus databases were updated during the day. |
Light blue | The accepted Kaspersky Security Network Statement is obsolete | IDS_AK_STATUS_ACCEPTED_KSN_AGREEMENT_OBSOLETE | Events of this type occur when Kaspersky Security Network Statement becomes out-of-date. |
Light blue | Kaspersky software updates have not been approved | IDS_AK_STATUS_APPLICABLE_KL_PATCHES_NOT_APPROVED | Events of this type occur when the administrator has not yet approved the applicable patches for managed Kaspersky applications. |
Light blue | Kaspersky application updates have been revoked | IDS_AK_STATUS_APPLICABLE_KL_PATCHES_REVOKED | Events of this type occur when the administrator has not yet declined the revoked patches. |
Light blue | End User License Agreement for Kaspersky mobile software has not been accepted | IDS_AK_STATUS_KL_MOBILE_EULAS_NOT_ACCEPTED | Events of this type occur when the administrator has not yet accepted the End User License Agreement for Kaspersky mobile software. |
Light blue | End User License Agreement for Kaspersky software updates has not been accepted | IDS_AK_STATUS_KL_PATCHES_EULAS_NOT_ACCEPTED | Events of this type occur when the administrator has not yet accepted the End User License Agreement for Kaspersky software updates. |
Light blue | Kaspersky Security Network Statement for Kaspersky software updates has not been accepted | IDS_AK_STATUS_KL_PATCHES_KSN_AGREEMENTS_NOT_ACCEPTED | Events of this type occur when the administrator has not yet accepted the Kaspersky Security Network Statement for Kaspersky software updates. |
Light blue | You must accept the License Agreement to install updates | IDS_AK_STATUS_NEED_ACCEPT_EULA | Events of this type occur when new updates are available for installation, but the administrator has not yet accepted the License Agreement. |
Light blue | New versions of Kaspersky applications are available | IDS_AK_STATUS_NEW_DISTRIBUTIVES_AVAILABLE | Events of this type occur when new versions of Kaspersky applications are available for installation on managed devices. |
Light blue | Updates are available for Kaspersky Security Center components | IDS_AK_STATUS_NEW_KSC_VERSIONS_AVAILABLE | Events of this type occur when updates are available for Kaspersky Security Center components. |
Light blue | Updates are available for Kaspersky applications | IDS_AK_STATUS_NEW_VERSIONS_AVAILABLE | Events of this type occur when updates are available for Kaspersky applications. |
Light blue | Application installation task %1 has completed successfully on %2 device(s), failed on %3 device(s) | IDS_AK_STATUS_RI_FAILED | Events of this type occur when the Application installation task has installed the software only on some devices in the specified pool. |
Light blue | Running deployment task - %1 (%2%%) | IDS_AK_STATUS_RI_RUNNING | Events of this type occur when a deployment task is running on managed devices. |
Light blue | Full scan has never been performed on %1 device(s) | IDS_AK_STATUS_SCAN_NOT_SCANNED | Events of this type occur when a full scan has never been performed on the specified number of devices. |
Light blue | Running the update download task (progress: %1 %%) | IDS_AK_STATUS_UPD_SRV_UPDATE_IN_PROGRESS | Events of this type occur when a task for downloading updates is running on managed devices. |
