- Kaspersky Endpoint Security 11.2.0 for Linux
- What's new
- Installing the application
- Installing Kaspersky Endpoint Security using the command line
- Initial configuration of the application in interactive mode
- Selecting the locale
- Viewing the End User License Agreement and the Privacy Policy
- Accepting the End User License Agreement
- Accepting the Privacy Policy
- Using Kaspersky Security Network
- Assigning the Administrator role to a user
- Determining the file operation interceptor type
- Configuring the update source
- Configuring proxy server settings
- Downloading application databases
- Enabling automatic application database update
- Application activation
- Initial configuration of the application in automatic mode
- Settings of the Kaspersky Endpoint Security initial setup configuration file
- Installing Network Agent using the command line
- Initial configuration of the Network Agent using the command line
- About Kaspersky Endpoint Security administration web plug-in
- Installing Kaspersky Endpoint Security via Kaspersky Security Center
- Installing Kaspersky Endpoint Security using the Web Console
- Getting started using Kaspersky Security Center
- Activating the application using Kaspersky Security Center
- Running the application on Astra Linux in closed software environment mode
- Configuring permissive rules in the SELinux system
- Updating the application from a previous version
- Uninstalling the application
- Application licensing
- About providing and processing data
- Managing the application using the command line
- Starting and stopping the application
- Displaying Help on the commands
- Enabling the display of events
- Viewing information about the application
- Description of the application commands
- Using filters to limit query results
- Exporting and importing application settings
- Setting the application memory usage limit
- Application components integrity check
- General application settings
- Encrypted connections scan
- User roles
- Managing application tasks using the command line
- View the list of tasks
- Creating a new task
- Editing task settings using a configuration file
- Editing task settings using the command line
- Resetting task settings to their default values
- Starting and stopping a task
- Managing scan scopes from the command line
- Managing exclusion scopes from the command line
- Viewing a task state
- Scheduling a task
- Deleting a task
- File Threat Protection task (File_Threat_Protection, ID:1)
- Virus Scan task (Scan_My_Computer, ID:2)
- Custom Scan task (Scan_File, ID:3)
- Critical Areas Scan task (Critical_Areas_Scan, ID:4)
- Update task (Update, ID:6)
- Rollback task (Rollback, ID:7)
- Licensing task (License, ID:9)
- Storage management task (Backup, ID:10)
- System Integrity Monitoring task (System_Integrity_Monitoring, ID:11)
- Firewall Management task (Firewall_Management, ID:12)
- About network packet rules
- About dynamic rules
- About the predefined network zone names
- Firewall Management task settings
- Adding a network packet rule
- Deleting a network packet rule
- Changing the execution priority of a network packet rule
- Adding a network address to a zone section
- Deleting a network address from a zone section
- Anti-Cryptor task (Anti_Cryptor, ID:13)
- Web Threat Protection task (Web_Threat_Protection, ID:14)
- Device Control task (Device_Control, ID:15)
- Removable Drives Scan task (Removable_Drives_Scan, ID:16)
- Network Threat Protection task (Network_Threat_Protection, ID:17)
- Container Scan task (Container_Scan, ID:18)
- Custom Container Scan task (Custom_Container_Scan, ID:19)
- Behavior Detection task (Behavior_Detection, ID:20)
- Application Control task (Application_Control, ID:21)
- Inventory Scan task (Inventory_Scan, ID:22)
- Participating in Kaspersky Security Network
- Integration with Kaspersky Managed Detection and Response
- KESL container
- Events and reports
- Managing the application using Kaspersky Security Center Administration Console
- Starting and stopping the application on a client device
- Viewing the protection status of a device
- Viewing application settings
- Updating application databases and modules
- Managing policies in the Administration Console
- Policy settings
- File Threat Protection
- Exclusion scopes
- Firewall Management
- Web Threat Protection
- Network Threat Protection
- Kaspersky Security Network
- Application Control
- Anti-Cryptor
- System Integrity Monitoring
- Device Control
- Behavior Detection
- Task management
- Removable Drives Scan
- Proxy server settings
- Application settings
- Container Scan settings
- Managed Detection and Response
- Network settings
- Global exclusions
- Storage settings
- Managing tasks in the Administration Console
- Task settings
- Configuring integration with Kaspersky Managed Detection and Response
- Configuring KESL container settings
- Manually checking the connection with the Administration Server. Klnagchk utility
- Manually connecting to the Administration Server. Klmover utility
- Remote application administration using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console
- Logging in and out of the Web Console and Cloud Console
- Starting and stopping the application on a client device
- Updating application databases and modules
- Viewing the protection status of a device
- Managing policies in the Web Console
- Policy settings
- Application settings tab
- File Threat Protection
- Scan exclusions
- Firewall Management
- Web Threat Protection
- Network Threat Protection
- Kaspersky Security Network
- Anti-Cryptor
- System Integrity Monitoring
- Application Control
- Device Control
- Behavior Detection
- Task management
- Removable Drives Scan
- Proxy server settings
- Application settings
- Container Scan settings
- Managed Detection and Response
- Network settings
- Global exclusions
- Storage settings
- Managing tasks in the Web Console
- Task settings
- Virus Scan. Scan settings section
- Virus Scan. Scan scopes section
- Virus Scan. Exclusion scopes section
- Critical Areas Scan. Scan settings section
- Critical Areas Scan. Scan scopes section
- Critical Areas Scan. Exclusion scopes section
- System Integrity Check. Scan settings section
- System Integrity Check. Exclusion scopes section
- Container Scan. Scan settings section
- Container Scan. Exclusion scopes section
- Add Key
- Update. Database update source section
- Update. Settings section
- Rollback
- Inventory. Scan settings section
- Inventory. Exclusion scopes section
- Configuring integration with Kaspersky Managed Detection and Response
- Configuring KESL container settings
- Managing application using graphical user interface
- Contact Technical Support
- Appendices
- Appendix 1. Resource consumption optimization
- Appendix 2. Default task configuration files
- Rules for editing application task configuration files
- File Threat Protection task configuration file
- Virus Scan task configuration file
- Custom Scan task configuration file
- Critical Areas Scan task configuration file
- Update task configuration file
- Storage management task configuration file
- System Integrity Monitoring task configuration file
- Firewall Management task configuration file
- Anti-Cryptor task configuration file
- Web Threat Protection task configuration file
- Device Control task configuration file
- Removable Drives Scan task configuration file
- Network Threat Protection task configuration file
- Container Scan task configuration file
- Inventory Scan task configuration file
- Application Control task configuration file
- Appendix 3. Command line return codes
- Appendix 4. Managing KESL container using REST API
- Appendix 5. Configuring interaction with Kaspersky Anti-Virus for Linux Mail Server
- Sources of information about the application
- Glossary
- Active key
- Active policy
- Administration group
- Administration Server
- Application activation
- Application databases
- Application settings
- Backup
- Database of malicious web addresses
- Database of phishing web addresses
- Exclusion
- False positive
- File mask
- Group policy
- Group task
- Infected object
- Kaspersky update servers
- License
- License certificate
- Object disinfection
- Policy
- Proxy server
- Reserve key
- Startup objects
- Subscription
- Trusted device
- Trusted zone
- Information about third-party code
- Trademark notices
Managing application using graphical user interface > Viewing reports
Viewing reports
Viewing reports
Information about operation of the application tasks is recorded to the application reports.
Report data is presented as a table that contains a list of events. Each line in the table contains information about a separate event. Event attributes are displayed in the table columns. Events logged during the performance of various tasks have different sets of attributes.
The following event importance levels are used in reports:
- Critical – events with the critical importance level that need your attention as they indicate problems in the application operation or vulnerabilities in the device protection
- High
- Medium
- Low
- Information
- Error
The application provides the following reports listed in the left part of the Reports window:
- Statistics. This report contains statistical information about the File Threat Protection task and scan tasks. You can update the displayed report by clicking the Reload button.
- System audit. This report contains information about events that occur during the application operation and during the user interaction with the application.
- Threat protection. This report contains information about the events that are logged while the following application monitoring tasks were running:
- Anti-Cryptor.
- System Integrity Monitoring.
- Firewall Management.
- Web Threat Protection.
- Application Control.
- Device Control.
- Removable Drives Scan.
- Network Threat Protection.
- Behavior Detection.
- File Threat Protection.
- On-demand tasks. This report contains information about the events that are logged while the following application tasks were running:
- Scan tasks.
- Update.
- System Integrity Check.
To view the report:
- Open the main application window.
- In the lower part of the main application window, click the Reports button.
The Reports window will open.
- In the left part of the Reports window, select the required report type.
A report containing a list of events is displayed in the right part of the window.
By default, events are sorted in ascending order by the values in the Date column.
- To view detailed information about an event displayed in a separate section of the report, select this event in the report.
The section that contains the attributes of this event is displayed at the bottom of the window.
For convenient processing of reports, you can modify the presentation of data on the screen in the following ways:
- Filter the list of events by occurrence time.
- Use the search function to find a specific event.
- View the selected event in a separate section.
Article ID: 198071, Last review: Jul 8, 2024