Scenario: viewing information security event logs
Before starting to work with the logging subsystem, it is recommended to read the Grafana User Guide.
The maximum volume and storage time for information security event entries are defined when configuring the security settings.
Information security event logs are written to the Kaspersky MLAD database automatically. If necessary, the system administrator can specify the settings of an external system to which the information security event logs should be sent.
The scenario for viewing information security event logs consists of the following steps:
- Navigating to the logging subsystem
Go to the logging system by clicking the
button. This opens the Grafana interface in which you need to enter the name and password of the Kaspersky MLAD user.Available only to the system administrators and users with the Manage application logs permission.
- Navigating to the section containing information security event logs
Go to the Security audit section.
- Analyzing information security event logs
Analyze the information security event log entries for the selected period. You can filter them based on parameters of the information security event logs. To do so, click the
button in the column containing the relevant log parameter, select the check boxes next to the necessary filtering criteria, and click OK. To reset the filtering criteria, clear the relevant check boxes and click OK. - Exporting information security event logs
To export the information security event logs for the selected period to a text file, under Security audit, choose Inspect → Data from the vertical menu
in the upper right corner of the information security event log table, and in the panel that opens, click Download CSV.