Event selections provide an onscreen view of named sets of events that are stored in the Administration Server database. These sets of events are grouped by importance level (Critical events, Functional failures, Warnings, and Informational messages), by time (Recent events), and by type (User requests and Audit events). You can create and view user-defined event selections based on the settings available to configure in the Kaspersky Security Center 11 Web Console interface.
Event selections are available in the Kaspersky Security Center 11 Web Console, on the MONITORING & REPORTING tab, by clicking EVENT SELECTIONS.
By default, event selections include information for the last seven days.
Kaspersky Security Center has a default set of event (predefined) selections:
You can create and configure additional user-defined selections. In user-defined selections, you can filter events by the properties of the devices they originated from (device names, IP ranges, and administration groups), by event types and severity levels, by application and component name, and by time interval. It is also possible to include task results in the search scope. You can also use a simple search field where a word or several words can be typed. All events that contain any of the typed words anywhere in their attributes (such as event name, description, component name) are displayed.
Both for predefined and user-defined selections, you can limit the number of displayed events or the number of records to search. Both options affect the time it takes Kaspersky Security Center to display the events. The larger the database is, the more time-consuming the process can be.