Kaspersky Security for Windows Server SNMP traps options descriptions and possible values

Descriptions of the traps options and their possible values are given below:

• eventDateAndTime: event date and time.
• eventSeverity: importance level.

  The option can take the following values:

  • critical (1) – critical
  • warning (2) – warning
  • info (3) – informational
• userName: user name (for example, the name of a user that attempted to access an infected file).
• computerName: protected device name (for example, the name of a protected device from which a user attempted to access an infected file).
• eventSource: functional component that generated the event.

  The option can take the following values:

  • unknown (0) – functional component not known
  • quarantine (1) – Quarantine
  • backup (2) – Backup
  • reporting (3) – task logs
  • updates (4) – Update
  • realTimeProtection (5) – Real-Time File Protection
  • onDemandScanning (6) – On-Demand Scan
  • product (7) – event related to operation of Kaspersky Security for Windows Server as a whole rather than operation of individual components
  • systemAudit (8) – system audit log
• eventReason: event trigger: what triggered the event.

  The option can take the following values:

  • reasonUnknown (0) – reason is unknown.
  • reasonInvalidSettings (1) – only for Backup and Quarantine events, displayed if Quarantine or Backup is unavailable (insufficient access permissions or an invalid folder is specified in the Quarantine settings -- for example, the a network path is specified). In this case, Kaspersky Security for Windows Server will use the default Backup or Quarantine folder.
• objectName: an object name (for example, the name of the file where the virus was detected).
• threatName: The name of the object according to the Virus Encyclopedia classification. This name is included in the full name that Kaspersky Security for Windows Server returns on detecting an object. You can view the full name of a detected object in the task log.
• detectType: type of object detected.

  The option can take the following values:

  • undefined (0) – undefined
  • virware – classic viruses and network worms
  • trojware – Trojans
  • malware – other malicious applications
  • adware – advertising software
  • pornware – pornographic software
  • riskware – legitimate applications that may be used by intruders to damage the user's device or personal data
• detectCertainty: certainty level for threat detection.

  The option can take the following values:

  • Suspicion (probably infected) – Kaspersky Security for Windows Server has detected a partial match between a section of object code and a known section of malicious code.
  • Sure (infected) – Kaspersky Security for Windows Server has detected a complete match between a section of code in the object and a known section of malicious code.
• days: number of days (for example, the number of days until the license expiration date).
• errorCode: an error code.
• knowledgeBaseId: address of a knowledge base article (for example, address of an article that explains a particular error).
• taskName: a task name.
• updaterErrorEventReason: the reason for the update error.

  The option can take the following values:

  • reasonUnknown(0) – reason is unknown.
  • reasonAccessDenied – access denied.
  • reasonUrlsExhausted – the list of update sources is exhausted.
  • reasonInvalidConfig – invalid configuration file.
  • reasonInvalidSignature – invalid signature.
  • reasonCantCreateFolder – folder cannot be created.
  • reasonFileOperError – file error.
  • reasonDataCorrupted – object is corrupted.
  • reasonConnectionReset – connection reset.
  • reasonTimeOut – connection timeout exceeded.
  • reasonProxyAuthError – proxy authentication error.
  • reasonServerAuthError – server authentication error.
  • reasonHostNotFound – device not found.
  • reasonServerBusy – server unavailable.
  • reasonConnectionError – connection error.
  • reasonModuleNotFound – object not found.
  • reasonBlstCheckFailed(16) – error while checking the key denylist. It is possible that database updates were being published at the time of the update; please repeat the update in a few minutes.
• storageObjectNotAddedEventReason: the reason why the object was not backed up or quarantined.

  The option can take the following values:

  • reasonUnknown (0) – reason is unknown.
  • reasonStorageInternalError – database error; Kaspersky Security for Windows Server must be restored.
  • reasonStorageReadOnly – database is read-only; Kaspersky Security for Windows Server must be restored.
  • reasonStorageIOError – input-output error: a) Kaspersky Security for Windows Server is corrupted, Kaspersky Security for Windows Server must be restored; b) disk with Kaspersky Security for Windows Server files is corrupted.
  • reasonStorageCorrupted – storage is corrupted; Kaspersky Security for Windows Server must be restored.
  • reasonStorageFull – database is full; free disk space is required.
  • reasonStorageOpenError – database file could not be opened; Kaspersky Security for Windows Server must be restored.
  • reasonStorageOSFeatureError – some operating system features do not correspond to Kaspersky Security for Windows Server requirements.
  • reasonObjectNotFound – object being placed in Quarantine does not exist on the disk.
  • reasonObjectAccessError – insufficient permissions to use Backup API: the account being used to perform the operation does not have Backup Operator permissions.
  • reasonDiskOutOfSpace – not enough space on the disk.