Viewing events that occurred when the system integrity check task was last run

You can view the list of events that occurred during the last start of the System Integrity check task in the properties of Kaspersky Security installed on the protected virtual machine. You can view the list of events using Administration Console or Web Console (in Kaspersky Security for Virtualization 5.1 Light Agent properties window, on the Application settings tab in the System Integrity Monitoring events section).

Kaspersky Security Center 12 Network Agent must be installed on the protected virtual machine for correct working with Kaspersky Security Center Web Console.

To view the list of events that occurred on the virtual machine when the System Integrity check task was last run in the Administration Console:

  1. Open Kaspersky Security Center Administration Console.
  2. In the Managed devices folder in the console tree, select the folder with the name of the administration group to which the relevant virtual machine belongs.
  3. In the workspace, select the Devices tab.
  4. In the list, select the virtual machine for which you want to view the list of events that occurred during a system integrity check.
  5. Double-click to open the virtual machine properties window.

    The Properties: <virtual machine name> window opens.

  6. In the list on the left, select the Applications section.

    A list of applications that are installed on this virtual machine appears in the right part of the window.

  7. Select Kaspersky Security for Virtualization 5.1 Light Agent and double-click to open the application settings window.

    The Kaspersky Security for Virtualization 5.1 Light Agent settings window opens.

  8. In the list on the left, select the System Integrity Monitoring events section.

    The table shows the following information about each event:

    • Event generation date.
    • Event name.
    • Rule applied by the System Integrity Monitoring component.
    • Control object in which the modification is made. Depending on the type of control object, the following information is displayed in the graph:
      • Path to the file, if the System Integrity Monitoring component detected a change to a file.
      • Registry key, if the System Integrity Monitoring component detected a change in the registry.
      • Device name, if the System Integrity Monitoring component detected the connection of an external device.
    • Type of modification to the monitored object detected by the System Integrity Monitoring component. Possible values:
      • Create.
      • Modify.
      • Delete.
      • Connect.

    In the list of events, you can perform the following actions:

    • Update the list of events.
    • Filter the list of events by column values or by custom filter conditions.
    • Use the search function to find a specific event.
    • Change the order and arrangement of columns that are shown in the report.
    • Sort the list of events by each column.
    • Save a report to a TXT or CSV file.
Page top