Business products
Workstations & Servers protection

Workstation protection

File server protection

Mail system protection

Perimeter protection

Administration Kit

Kaspersky Administration Kit 8.0

Kaspersky Administration Kit 6.0 MP1/MP2

Operating principles

Implementing in network

Complex-components uninstalling

Troubleshooting

All articles

Kaspersky Administration Kit 5.0 MP3 (builds 5.0.1104 - 5.0.1152)

Support lifecycle of applications for remote management

Kaspersky Hosted Security Services

Fighting malicious programs
How to disinfect...

Training and Certification
Take an educational course and become a certified anti-virus security specialist

Self Service
More help online

Support contacts and conditions
Information about support services and rules

You are visiting our Support Website and we thank you in advance for your participation in this poll and your feedbacks.

Please vote honestly, we will analyze the results and will do our best to improve our service as soon as possible.

Read the same in:

Home / Business products / Administration Kit / Kaspersky Administration Kit 6.0 MP1/MP2 / Monitoring

Kaspersky Administration Kit 6.0 MP1/MP2

Monitoring [14]

More Sections

Monitoring anti-virus protection system in the network
ID Article: 1159	Other languages:	19	2007 Nov 15 16:10	Printable version

	Useful links
	What does color of a client computer icon mean? Events in work of the Administration Server and logical network Events in the work of Kaspersky Anti-Virus 6.0 for Windows Workstations/ File Servers Events in the work of Kaspersky Anti-Virus 5.0 for Windows Workstations/ File Servers How to know results of the task execution? How to monitor virus scan tasks run on a remote computer

Concerning to Kaspersky Administration Kit 6.0 MP1

Monitoring the anti-virus protection system is a very important step to support the created logical network. Its idea is to configure the settings of the events that occur in the work of the logical network and to analyze statuses of the client computers.

To configure the events settings the logical network administrator should answer the following questions:

1. What events does the administrator need to analyze state of the logical network?

2. Should the administrator be notified of the events? Notifications can be sent by email, using NET SEND or by running the executable file.

Types of events

All events that occur in the logical network can be by convention divided into three groups:

events that occur in the work of the Administration Server and the logical network in general – are configured in the Administration Server properties on the Events tab

events in the work of the anti-virus application installed on a client computer – are configured in the application policy on the Events tab.

results of the task execution are configured in the each task properties on the Notification tab.

It should be noted, that result of the task execution is its status – completed/ failed. And only the task launched for execution can have the result.

There is the Results button in the properties of each task. Clicking the button the Results window opens displaying the results of the task. In the product deployment/deinstallation task you can also view how it is executed.

You can view how the Anti-virus tasks are executed (scan, update of client computer) - task logs- only from the Anti-virus main window.

Saving the results

Results of the task execution can be saved:

in the Administration Server database
on a client computer
in Windows Event Log

on a computer with the installed Administration Server
on a client computer

At the same time you can restrict size of the stored messages and register the following results:

results of the task execution (the Save execution result only variant)

Result of the task execution is its status - "Completed/Failed".

results of the task execution and information of the task execution process can be registered if this information is transferred to the Administration Server by the product which executes the task (the Save events related to task execution process variant).

For example, Kaspersky Anti-Virus 6.0 for Windows Workstations does not transfer to the Server detailed information about which files were downloaded during the update process; i.e. these data will not be displayed in the task result window; but will be available in the update task report of the Administration Server

all possible messages which appear during the task execution (such as Pending, Changed, Running, etc) (the Save all events variant).

How to know results of the task execution?

All events which are stored on the Administration Server are available to be viewed in the Events node in the Administration Console. To view the results of a selected task, open the task on the General tab and click the Results button.

If you have set Store events locally in order to save the results, then to see these results you should install Administration Console on this computer (without the Administration Server) and in the system registry change the value of the key HKEY_CURRENT_USER\Software\KasperskyLab\Components\34 to ShowLocalComputer = 1 (DWORD). Key change will enable display of the Local computer node in the Console. To view results of the task execution open the Local computer node > Manage Tasks > choose the necessary task > click the Results button.

You can view the information via My Computer > Manage> Event Viewer.

How to set notifications about events/ results of the task execution?

If administrator should be notified about events then first it is recommended to set notifications parameters. Once set in the properties of the Administration Server on the Notification tab, these parameters should not be additionally set, unless you want to change them for specific events/tasks.

Click the Properties button and in the open window enter the information which will be displayed in the fields To and Subject. The filed From can be left empty – in this case the mail will be delivered from the address defined in the field Recipient’s address or enter a real address on a given mail server.

To configure the message text, click the Message text button. The administrator can restrict number of the messages received at a time unit – these parameters can be set by clicking the Notification limit button.

After you have configured the notification parameters check the entered data – click the Test button. If everything is configured correctly, you get notification by email, using NET SEND or running the executable file.

The file will run on a computer – Administration Server!

Notifications about events/ results of the task execution can be set for:

for tasks – it can be set on the Notification tab of any task in the Notify administrator section. you can be notified of each task execution or of failures only. in order to be notified of errors only check Notify of errors only.

for events – in the application policy on the Events tab. in order to select notification types, highlight an event and check the necessary boxes. Click the Properties button and in the open window set how to register events and store notifications.

Parameters to store and send information about events can be set for highlighted events only. To highlight one or several events click the Select All button or use the keyboards Shift and Crtl.

Administrator can be notified the following way:

by e-mail
using NET SEND,
running executable on a computer – Administration Server

By default the task uses parameters set in the Administration Server properties on the Notification tab and exactly these data are displayed in the task/policy. In order to get access to change these settings uncheck Use Administration Server settings in the necessary group of settings.

Notification text is the same for all notification types!

IP-address computer name in MS Windows network (NetBIOS-name) can be set as an address of a mail server. Addresses of target computers notified by NET SEND are entered in the same format. Several addresses can be set separated by a comma or by semicolon.