Analyzing container forensics

In the Investigation → Container forensic section, Kaspersky Container Security lets you organize events that occurred in containers and on nodes for further analysis. Information about events is presented in the form of a table.

The solution displays audit and enforcement events for a certain period, and allows you to filter the events and study incidents in detail. Incidents are container events that are detected in accordance with the settings of the agent group and are covered by the applicable runtime policies. Information about incidents is presented in the form of a table.

By default, Kaspersky Container Security retains information about an incident for 90 days.

This section is available if you have rights to view events.

In this section

Searching container forensics

Detailed information about a running process

Detailed information about file operations

Detailed information about network traffic

Detailed information about detected malicious objects

Restrictions on runtime policies

Investigating container forensics while accounting for adjacent events
