Configuring registration of Kaspersky IoT Secure Gateway 1000 events in the Kaspersky Security Center 14.2 Web Console

You can enable registration of Kaspersky IoT Secure Gateway 1000 audit events in the Kaspersky Security Center 14.2 Web Console and configure notifications for audit event registration. For detailed information on configuring notifications for audit event registration in the Web Console, please refer to the Configuring notification delivery section in the Kaspersky Security Center 14.2 Online Help Guide. To configure audit event registration, first, create a policy for the device that will serve as the source of audit events. For detailed information on creating a policy, refer to the Creating a policy section in the Kaspersky Security Center 14.2 Online Help.

Kaspersky IoT Secure Gateway 1000 version 3.0 does not support management of device groups using Kaspersky Security Center policies. However, you can manage each device separately.

Each audit event in Kaspersky Security Center has a certain severity level. Depending on how the event appeared, it can be assigned one of the following severity levels:

• A critical event is an event that indicates the occurrence of a critical issue that may lead to data loss, an operational malfunction, or a critical error.
• A functional failure is an event that indicates a serious issue, error, or malfunction during the operation of the system or while performing a procedure.
• A warning is an event that requires attention because it emphasizes important situations in the operation of Kaspersky IoT Secure Gateway 1000 and may indicate a possible issue in the future. Most events are designated as warnings if the system can be restored without loss of data or functional capabilities after such events occur.
• An informational message is an event that signifies the successful completion of an operation, proper system functioning or completion of a procedure.

If registration of Kaspersky IoT Secure Gateway 1000 audit events is disabled in the Web Console, audit events are not received and are not displayed in the Web Console. After event registration is enabled in the Web Console, only new audit events will be received. All audit events that were registered in Kaspersky IoT Secure Gateway 1000 prior to enabling event registration in the Web Console will not be forwarded to the Web Console. Instead, you can view them only in the Kaspersky IoT Secure Gateway 1000 web interface.

To enable registration of Kaspersky IoT Secure Gateway 1000 audit events in the Kaspersky Security Center 14.2 Web Console:

1. In the main window of the Web Console, select Devices → Managed devices.
2. Click the name of the device where Kaspersky IoT Secure Gateway 1000 is running. If the device name is not on the list, add it to the Managed devices group.
3. In the device properties window that opens, select the Applications tab.
4. Press Kaspersky IoT Secure Gateway.

   This opens a window containing information about Kaspersky IoT Secure Gateway 1000.

5. Click the Configure events tab.
6. In the menu in the left part of the screen, select the severity level for which you want to enable event registration:
   • Critical.
   • Functional failure.
   • Warning.
   • Informational message.

   A table of audit events for the selected severity level will be displayed.

7. Click the Add event button.
8. Select the check boxes next to the types of events for which you want to enable event registration in the Web Console, and click OK.
9. To save the changes, click the Save button.

The selected types of Kaspersky IoT Secure Gateway 1000 audit events for the selected severity level will be registered and saved on the Kaspersky Security Center Administration Server. The default storage time for events is 30 days.