- About this Help
- What's new
- Sources of information about the application
- To administrator
- Kaspersky Security 9.0 for SharePoint Server
- Application architecture
- Access rights for managing Kaspersky Security
- Preparing to install
- Features of the application installation on a SharePoint farm
- Upgrading from a previous version of the application
- About Kaspersky Security upgrades
- Tips for upgrading Kaspersky Security on a SharePoint farm
- Upgrading Kaspersky Security on a standalone SharePoint server or the first server in a SharePoint farm
- Connecting Administration Console to a SharePoint farm when updating Kaspersky Security
- Starting the application upgrade
- Restarting the SharePoint Timer service
- Application setup procedure
- Step 1. Installing the required components
- Step 1. Viewing the welcome screen and License Agreement
- Step 3. Selecting the type of installation
- Step 4. Selecting the application components
- Step 5. Configuring the connection between Kaspersky Security and SQL database
- Step 6. Select an account for running Kaspersky Security services
- Step 7. Completing installation
- Changes in the system after installing the application
- Getting started. Application Configuration Wizard
- Restoring the application
- Removing the application
- Application licensing
- Getting started
- Control Center
- On-access scan
- About on-access scan
- About anti-phishing scans
- Kaspersky Security operation depending upon the SharePoint server settings
- General
- Enabling and disabling on-access anti-virus scanning
- Configuring basic scan settings
- Configuring object processing rules for on-access scanning
- Enabling and disabling on-access content filtering
- Enabling and disabling SharePoint web object scanning
- Enabling and disabling Anti-Phishing scanning of web content
- Anti-Virus scan exclusions
- Creating on-access Anti-Virus scan exclusions
- File mask
- Content filtering rules
- Configuring additional settings for on-access content filtering
- On-demand scan
- About on-demand scanning
- Creating an on-demand scan task
- Starting and stopping on-demand scan tasks
- Viewing an on-demand scan task report
- Deleting an on-demand scan task
- Task settings – General
- Task settings – Scan scope
- Web address
- Selecting and excluding from on-demand scanning areas of the SharePoint structure
- Task settings – Exclusions from scan
- File mask
- Creating on-demand Anti-Virus scan exclusions
- Task settings – Content filtering rules
- Configuring content filtering
- Content filtering
- About content filtering
- About the white list
- Creating the white list
- Filter by keywords tab
- Category name
- Keyword settings
- Creating, renaming, and deleting user categories of unwanted words and phrases
- Importing a list of unwanted words and phrases into a user category from a text file
- Adding, changing, and deleting unwanted words and phrases in user categories
- Filter by masks tab
- Set name
- File mask
- Creating, renaming, and deleting a set of masks for unwanted file names
- File name mask creation rules
- Changing a set of unwanted file name masks
- Backup
- About Backup
- Viewing the list of files in Backup
- Quick file search in Backup
- Extended file search in Backup
- Restoring files from Backup
- Rules for restoring files when version control is enabled in SharePoint
- Saving files from Backup to disk
- Removing files from Backup
- Purging Backup manually
- Configuring automatic Backup purging
- Updates
- About database updates
- Updates – General
- Configuring automatic database updates
- Updates – Database update settings
- Configuring the local database update settings on SharePoint servers of the farm
- SharePoint server database update settings
- Viewing the information about updates to the anti-virus database
- Updating databases manually
- Propagating global database update settings to SharePoint farm servers
- Notifications
- Reports
- Settings
- About participation in Kaspersky Security Network
- About logs
- About the log of content filtering
- KSN Protection Settings
- Enabling and disabling Data Leak Prevention
- Configuring the path to the logs folder
- Configuring the log storage term
- Configuring the detail level of event logs
- Diagnostics settings window
- Failsafe support for SQL databases
- Licensing
- To security officer
- Kaspersky Security 9.0 for SharePoint Server
- Using categories. Assigning data to categories
- Monitoring and preventing data leaks
- Categories and policies
- Settings of a category of table data
- Table data. Setting up the match level
- Settings of a category of keywords
- Keywords. Making expressions using operators
- Category: <Category name>
- New Policy Wizard. Step 1
- New Policy Wizard. Step 2
- New Policy Wizard. Step 3
- New Policy Wizard. Step 4
- File formats to scan
- Policy settings – Policy
- Policy settings – Users
- Control scope
- Web address
- Policy settings – Actions
- Searching SharePoint websites for data
- Managing incidents
- Assessing the status of data protection
- Generating application reports
- Reports
- Main settings of the detailed report
- Main settings of the report on users
- Additional report settings
- System report settings
- Main settings of the statistical report
- Additional settings of the statistical report
- Main settings of the detailed report
- Main settings of the report on users
- System report settings
- Main settings of the report on policies
- Additional task settings
- Run mode
- Additional instructions
- Archiving incidents
- Enabling the incremental scanning
- Restoring incidents from the archive
- Selecting categories for generating incident statistics
- Adding a search task
- Adding a report generation task
- Adding a category of keywords
- Adding a category of table data
- Adding a file to exclusions by web address
- Starting a report creation task
- Starting and stopping a data search
- Editing the search task settings
- Editing report generation task settings
- Editing a category
- Changing incident details displayed in the table
- Changing the contents of a Kaspersky Lab category
- Changing the status of an incident
- Copying incident details to the clipboard
- New Policy Wizard
- Configuring automatic notifications
- Configuring settings of the report on policy-related incidents
- Configuring the report on users
- Configuring system KPI report settings
- Configuring settings of the incident status report
- Updating the list of incidents
- Searching for incidents using a filter
- Searching for policies by users
- Searching for similar incidents
- Viewing incident details
- Viewing the report on policy-related incidents
- Viewing the system KPI report
- Viewing the report on users
- Viewing the incident status report
- Viewing the search results
- Viewing protection status details
- Generating a quick report
- Saving reports
- Saving search results
- Deleting archived incidents
- Deleting a task
- Deleting a category
- Deleting a report
- Deleting a policy
- Deleting the search results
- Contacting the Technical Support Service
- Glossary
- Activating the application
- Active key
- Active policy
- Additional key
- Anti-virus databases
- Archived incident
- Archiving
- Backup
- Black list of key files
- Closed incident
- Confidential data
- Control scope
- Corporate security
- Data category
- Data leak
- Data leak prevention
- Data search
- Data subcategory
- Disinfection
- DLP Module (Data Leak Prevention)
- DLP Module status
- False positive incident
- File blocking
- Full scan
- Incident
- Incident status
- Incremental scanning
- Infected object
- Kaspersky CompanyAccount
- Kaspersky Lab categories
- Kaspersky Lab update servers
- Kaspersky Security Network (KSN).
- Key file
- Keywords
- License certificate
- License term
- Management Console
- Match level
- Object removal
- On-access scan
- On-demand scan
- Opened incident
- Personal data
- Phishing
- Policy
- Policy violation
- Probably infected object
- Search scope
- Search task
- Security Officer
- SharePoint server structure
- Skipping of an object
- System KPI (Key Performance Indicators)
- Table data
- Unwanted content
- Update
- User category
- Violation context
- Virus
- Working scenario
- Kaspersky Lab AO
- Information about third-party code
- Trademark notice
Incidents
This node lets you view and process incidents.
The Incidents filter section lets you find incidents that need processing.
The section displays the incident filtering conditions. Each condition has two parameters: a criterion and a value. The drop-down list on the left lets you select an incident filtering criterion. Incident details are used as filtering criteria. In the drop-down list next to it you can specify the value of the selected criterion according to which filtering is performed. The appearance of the drop-down list depends on the filtering criterion selected.
By default, the incident filter contains one filtering condition. You can add several conditions to configure incident filtering flexibly. The application performs filtering according to all conditions added to the incident filter.
Clicking this button displays an additional condition for which you can configure filtering settings.
Clicking this button causes the list to display incidents that match the search conditions.
You can remove an incident filtering condition by clicking the 
button located on the right of the condition parameters.
The List of incidents section contains a table with a list of incidents. This list lets you view the details of each incident, change incident status, perform incident archiving and recover incidents from the archive.
The list of incidents appears one page at a time. The first page of the incident list displays 24 of the latest incidents. Use the buttons in the 
bottom right corner of the table to navigate the pages. The number of the page you are viewing is displayed in the field between buttons.
Clicking this button opens the Incident details window. In this window, you can view the incident details and history, as well as change the incident's status.
Button with a list in which you can select the method of changing the status of incidents. You can change the status of all incidents in the list or the status of selected incidents only.
Selecting the status change option opens the Changing status window. This window lets you assign a new status to an incident and specify the reason for the status change.
Clicking the button causes the application to update the list of incidents. New incidents created since the time when the list was refreshed last are added to the list.
The list of incidents is not refreshed automatically.
Clicking this button expands the Select columns to display section. This section lets you select the incident details to be displayed in the incident table by means of check boxes. Incident details next to which the icon 
appears are always displayed in the table.
You can right-click to open the context menu of the incident. The context menu allows you to change the incident's status, view the incident details, and find similar incidents (e.g., those associated with the same user or file).
Clicking this button causes the application to start the Incident Archiving Wizard. The Wizard lets you archive incidents that have been processed.
Archived incidents are removed from the list of incidents. If necessary, you can recover incidents from the archive.
Clicking this button causes the application to start the Incident Recovery Wizard that lets you recover incidents from the archive.
Clicking this button causes the application to remove all incidents with Archived status from the list of incidents.
Incidents can be recovered from the archive.
|
Use these settings for the following tasks |
See also Updating the list of incidents Searching for incidents using a filter Changing incident details displayed in the table |