Reports in Kaspersky Security Center
Reports in Kaspersky Security Center contain information about the status of managed devices. Reports are based on information stored on Administration Server.
Starting from Kaspersky Security Center 11, the following types of reports are available for Kaspersky Security for Windows Server:
- Report on the status of application components
- Report on prohibited applications
- Report on prohibited applications in test mode
See Kaspersky Security Center Help for detailed information about all Kaspersky Security Center reports and how to configure them.
Report on the status of Kaspersky Security for Windows Server components
You can monitor the protection status of all network devices and get a structured overview of the set of components on each device.
The report displays one of the following states for each component: Running, Paused, Stopped, Malfunction, Not installed, Starting.
Not Installed status refers to the component, not the application itself. If the application is not installed, the Kaspersky Security Center Web Console assigns the N/A (Not available) status.
You can create component selections and use filtering to display network devices with a specified set of components and state.
See Kaspersky Security Center Help for detailed information about creating and using selections.
To review the status of components in the application settings:
- In the main window of the Web Console, select Devices → Managed devices.
- Click the protected device name.
- On the General tab, select the Components section.
- Review the status table.
Information about Exploit Prevention component status is not available in this table.
To review a Kaspersky Security Center Web Console standard report:
- Select Monitoring and Reporting → Reports.
- Select the Report on the status of application components list item and click the Show report button.
A report is generated.
- Review the following report details:
- A graphical diagram.
- A summary table of components and aggregated numbers of network devices where each of the components is installed, and groups they belong to.
- A detailed table specifying the component status, version, device and group.
Reports on prohibited applications in active and test modes
Based on the results of the Applications Launch Control task, two types of reports can be generated: a report on prohibited applications (if the task is started in Active mode) and a report on prohibited applications in test mode (if the task is started in Statistics only mode). These reports display information about blocked applications on the protected devices of the network. Each report is generated for all administration groups and accumulates data from all the Kaspersky applications installed on the protected devices.
To review a report on prohibited applications in Statistics only mode:
- Start the Applications Launch Control task in Statistics only mode.
- Select Monitoring and Reporting → Reports.
- Select the Report on prohibited applications in test mode list item and click the Show report button.
A report is generated.
- Review the following report details:
- A graphical diagram that displays the top 10 applications with the largest number of blocked starts.
- A summary table of application blocks, specifying the executable file name, reason, time of blocking, and number of devices where the blocking occurred.
- A detailed table specifying data about the device, file path and criteria for blocking.
To review a report on prohibited applications in Active mode:
- Start the Applications Launch Control task in Active mode.
- Select Monitoring and Reporting → Reports.
- Select the Report on prohibited applications in test mode list item and click the Show report button.
A report is generated.
This report consists of the same data about blocks as the report on prohibited applications in test mode.
