Scenario: viewing information security event logs
Before starting to work with the logging subsystem, it is recommended to read the Grafana User Guide.
The maximum volume and storage time for information security event entries are defined when configuring the security settings.
Information security event logs are written to the Kaspersky MLAD database automatically. If necessary, the system administrator can specify the settings of an external system to which the information security event logs should be sent.
The scenario for viewing information security event logs consists of the following steps:
- Navigating to the logging subsystem
Navigate to the logging system by clicking the button
Available only to the system administrators and users with the Working with application logs permission.
- Navigating to the section containing information security event logs
Go to the Security audit section.
- Analyzing information security event logs
Analyze the information security event log entries for the selected period. You can filter them based on parameters of the information security event logs. To do so, click the filtering icon () in the column containing the relevant log parameter, select the check boxes next to the necessary filtering criteria, and click OK. To reset the filtering criteria, clear the relevant check boxes and click OK.
- Exporting information security event logs
To export the information security event logs for the selected period to a text file, in the Security audit section, use the Security audit drop-down list above the information security event log table to select Inspect → Data, and click the Download CSV button in the opened pane.