Viewing the IOA analysis results

To find and view IOA analysis results for user-defined rules:

In the program web interface window, select the IOC/IOA Analysis section, IOA Analysis subsection.
The table of IOA rules opens.
Select the IOA rule for which you want to view scan results.
This opens a window containing information about the IOA rule.
Do one of the following:
- If you want to view alerts generated by the IOA rule, click Alerts to proceed to the alerts database.
  The alert table is opened in an new browser tab.
- If you want to view events generated by the IOA rule, click Events to proceed to the events database.
  The event table is opened in an new browser tab.

To find and view IOA analysis results for Kaspersky Lab rules:

Select the Alerts section in the window of the program web interface.
The table of alerts opens.
Click the link in the Technologies column to open the filter configuration window.
In the drop-down list on the left, select Contains.
In the drop-down list on the right, select (IOA) IOA Analysis.
Click the Apply button.
The table displays alerts generated by IOA rules.
Select an alert for which the Detected column shows the name of the relevant IOA rule.
This opens a window containing information about the alert.
Under Scan results, click the link with the name of the rule to open the rule information window.
Do one of the following:
- If you want to view alerts generated by the IOA rule, click Alerts to proceed to the alerts database.
  The alert table is opened in an new browser tab.
- If you want to view events generated by the IOA rule, click Events to proceed to the events database.
  The event table is opened in an new browser tab.