Event information

When working in the program web interface, Senior security officer and Security officer users can view event information for organizations to which they have access.

Event information displays local timestamps of the Kaspersky Endpoint Agent computer that detected the event. The program administrator must make sure the time on Kaspersky Endpoint Agent computers is current.

If you are using the distributed solution and multitenancy mode, the section displays data on the organization that you chose.

To enable the display of events for all organizations:

Turn on the Search on all companies toggle switch.

In this Help section Viewing the table of events Viewing information about an event Information about events in the tree of events Recommendations for processing events Information about the "Process started" event Information about the "Module loaded" event Information about the "Remote connection" event Information about the "Prevention rule" event Information about the "Document blocked" event Information about the "File created" event Information about the "Windows log event" event Information about the "Changes in the registry" event Information about the "Port listened" event Information about the "Driver loaded" event Information about the "Alert" event Information about the "Alert processing result" event Information about the "Interpreted file run" event Information about the "Interactive command input at the console" event

Page top