System event types based on Endpoint Protection Platform

Support

Support for business applications

Kaspersky Industrial CyberSecurity for Networks

Appendices

System event types in Kaspersky Industrial CyberSecurity for Networks

System event types based on Endpoint Protection Platform

March 22, 2024

ID 219821

This section provides a description of a system event type associated with Endpoint Protection Platform (see the table below).

System event type based on Endpoint Protection Platform (EPP)

Code	Title of event type	Severity	Registration conditions
4000005500	EPP application triggered ($verdict, mode: $mode)	Critical	The integration server received data indicating that the EPP application was triggered by a possibly infected object or potential threat. The following variables are used in the title and description of an event type: $verdict – threat name $mode – processing mode $epp_event_description – obtained data, which may additionally contain an IP address, web address, email address or object type.

Code

Title of event type

Severity

Registration conditions

4000005500

EPP application triggered ($verdict, mode: $mode)

Critical

The integration server received data indicating that the EPP application was triggered by a possibly infected object or potential threat.

The following variables are used in the title and description of an event type:

$verdict – threat name
$mode – processing mode
$epp_event_description – obtained data, which may additionally contain an IP address, web address, email address or object type.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.