Support

Support for business applications

Kaspersky Unified Monitoring and Analysis Platform

Administrator's guide

Configuring event sources

Configuring receipt of events from Windows devices using KUMA Agent (WMI)

Kaspersky Unified Monitoring and Analysis Platform
Нет результатов
Knowledge Base Online Help
FAQ Solution overview Forum Contact support Product videos

Configuring receipt of events from Windows devices using KUMA Agent (WMI)

April 8, 2024

ID 257568

Get as PDF

KUMA allows you to receive information about events from Windows devices using the WMI KUMA Agent.

Configuring event receiving consists of the following steps:

  1. Configuring audit settings for managing KUMA.
  2. Configuring data transfer from the event source server.
  3. Granting permissions to view events.
  4. Granting permissions to log on as a service.
  5. Creating a KUMA collector.

    To receive Windows device events, in the KUMA Collector Setup Wizard, at the Event parsing step, in the Normalizer field, select [OOTB] Microsoft Products.

  6. Installing KUMA collector.
  7. Forwarding events from Windows devices to KUMA.

    To complete the data forwarding configuration, you must create a WMI KUMA agent and then install it on the device from which you want to receive event information.

In this section

Configuring audit settings for managing KUMA

Configuring data transfer from the event source server

Granting permissions to view Windows events

Granting permissions to log on as a service

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.