Kaspersky Machine Learning for Anomaly Detection
- About Kaspersky Machine Learning for Anomaly Detection
- What's new
- Kaspersky MLAD architecture
- Common deployment scenarios
- Telemetry and event data flow diagram
- Ports used by Kaspersky MLAD
- Installing and removing the application
- Installing the application
- Updating the application
- Checking the integrity of Kaspersky MLAD archive files
- Backing up the application
- Rolling back the application to the previous installed version
- Scenario for restoring Kaspersky MLAD from a backup
- Getting started
- Starting and stopping Kaspersky MLAD
- Switching between Kaspersky MLAD state control modes
- Updating Kaspersky MLAD certificates
- First startup of Kaspersky MLAD
- Removing the application
- Kaspersky MLAD web interface
- Connecting to Kaspersky MLAD and terminating a user session
- Changing a user account password
- Selecting the localization language for the Kaspersky MLAD web interface
- Licensing the application
- About the End User License Agreement
- About the license
- About the license certificate
- About the license key
- About the license key file
- Available functionality of Kaspersky MLAD depending on the specific license
- Adding a license key
- Viewing information about an added license key
- Removing a license key
- Processing and storing data in Kaspersky MLAD
- System administrator tasks
- Managing user accounts
- Manage roles
- Managing incident notifications
- Configuring Kaspersky MLAD
- Configuring the main settings of Kaspersky MLAD
- Configuring the security settings of Kaspersky MLAD
- Configuring the Anomaly Detector service
- Configuring the Keeper service
- Configuring the Mail Notifier service
- Configuring the Similar Anomaly service
- Configuring the Stream Processor service
- Configuring the HTTP Connector
- Configuring the MQTT Connector
- Configuring the AMQP Connector
- Configuring the OPC UA Connector
- Configuring the KICS Connector
- Configuring the CEF Connector
- Configuring the WebSocket Connector
- Configuring the Event Processor service
- Configuring the statuses and causes of incidents
- Configuring logging for Kaspersky MLAD services
- Configuring time intervals for displaying data
- Configuring how the Kaspersky MLAD menu items are displayed
- Export and import of Kaspersky MLAD settings
- Managing assets and tags
- About monitored asset hierarchical structure
- About tags
- Create asset
- Change asset settings
- Create tag
- Adding a tag to an asset
- Editing a tag
- Moving assets and tags
- Deleting an asset or tag
- Checking the current structure of tags
- Uploading tag and asset configuration to the system
- Saving tag and asset configuration to a file
- Working with the main menu
- Scenario: working with Kaspersky MLAD
- Viewing summary data in the Dashboard section
- Viewing incoming data in the Monitoring section
- Viewing data in the History section
- Viewing data in the Time slice section
- Viewing data for a specific preset in the Time slice section
- Selecting a specific element of the ML model in the Time slice section
- Selecting a date and time interval in the Time slice section
- Navigating through time in the Time slice section
- Configuring how graphs are displayed in the Time slice section
- Working with events and patterns
- Working with incidents and groups of incidents
- About incidents
- About incidents detected by a predictive element of an ML model
- About incidents detected by an ML model element based on a diagnostic rule
- About incidents detected by an ML model element based on an elliptic envelope
- About incidents detected by the Limit Detector
- About incidents detected by the Stream Processor service
- About anomalies
- Scenario: analysis of incidents
- Viewing incidents
- Viewing the technical specifications of a registered incident
- Viewing incident groups
- Studying the behavior of the monitored asset at the moment when an incident was detected
- Adding a status, cause, expert opinion or note to an incident or incident group
- Exporting incidents to a file
- About incidents
- Managing ML models
- About ML models
- About statuses and states of ML models and their elements
- About ML model templates
- About markups
- About conditions included in markups and diagnostic rules
- Scenario: working with ML models
- Search and filter objects in the Models section
- Working with markups
- Working with imported ML models
- Working with manually created ML models
- Creating an ML model
- Adding a predictive element to an ML model
- Modifying an ML model predictive element
- Adding an ML model element based on a diagnostic rule
- Changing an ML model element based on a diagnostic rule
- Adding an elliptic envelope-based ML model element
- Editing an elliptic envelope-based ML model element
- Cloning of the ML model element
- Removing an ML model element
- Cloning an ML model
- Working with ML model templates
- Changing the parameters of an ML model
- Training an ML model predictive element
- Training an elliptic envelope-based ML model element
- Viewing the training results of an ML model element
- Starting and stopping ML model inference
- Viewing the data flow graph of an ML model
- Preparing an ML model for publication
- Publishing an ML model
- Removing an ML model
- Managing presets
- Managing services
- Troubleshooting
- When connecting to Kaspersky MLAD, the browser displays a certificate warning
- The hard drive is running out of free space
- The operating system restarted unexpectedly
- Cannot connect to the Kaspersky MLAD web interface
- Data graphs or graphic areas are not displayed in the History and Monitoring sections
- Events are not transmitted between Kaspersky MLAD and external systems
- Cannot load data to view in the Event Processor section
- Data is incorrectly processed in the Event Processor section
- Events are not displayed in the Event Processor section
- Previously created monitors and the specified attention settings are not displayed in the Event Processor section
- A markup result is not displayed
- A Trainer service stopped message is displayed
- Training of an ML model element completed with an error
- Email notifications about incidents are not being received
- You need to change the Help localization language
- Contacting Technical Support
- Limitations
- Appendix
- Settings of a .env configuration file
- Settings and example of the Excel file containing tag and asset configuration
- Settings and an example of JSON file that describes presets
- Settings and an example of JSON file containing a configuration for the Event Processor service
- Viewing the Kaspersky MLAD log
- Special characters of regular expressions
- Cipher suites for secure TLS connection
- Glossary
- Information about third-party code
- Trademark notices
Troubleshooting > When connecting to Kaspersky MLAD, the browser displays a certificate warning
When connecting to Kaspersky MLAD, the browser displays a certificate warning
When connecting to Kaspersky MLAD, the browser displays a certificate warning
Problem
When attempting to connect to Kaspersky MLAD, the browser displays a warning that the security certificate or the established connection is not trusted. The contents of the warning depend on the specific browser being used.
Solution
After Kaspersky MLAD is installed, a self-signed certificate is used by default to connect to the web interface. When using a self-signed certificate, the browser displays a warning that the security certificate or the connection being established is not trusted. To obtain a trusted certificate, you need to contact the information security department or the information technology department of the Customer. To install the received trusted certificate, you need to contact a qualified technical specialist of the Customer, a Kaspersky employee, or a certified integrator. An employee can update certificates for connecting to Kaspersky MLAD using the web interface.
You can temporarily use a self-signed certificate to connect to Kaspersky MLAD (for example, during trial operation). When using a self-signed certificate, in the browser warning window select the option that lets you continue connecting. After connecting to Kaspersky MLAD, the browser window displays a warning about the certificate. The text of the message depends on the specific browser being used.
If the browser displays a warning after a trusted certificate is installed, then the certificate may have been spoofed by a malicious actor. Contact the Technical Support.
Article ID: 248109, Last review: Nov 21, 2024