This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
linhvm
Commodore Commodore
Commodore
‎2012-10-29 03:03
310 views

Kaspersky event logs

Hi all,

I want to ask some questions if anyone who has collected and done some use cases with Kaspersky event logs before.

  • Do we have to change any configuration in Kaspersky Management Interface?
  • Althought information such as client hostname is visible in Kaspersky event logs, when events come into ESM, it (client hostname) does not appear in any field.
  • Could you share some use cases for Kaspersky? I have created some, but they do not run because of valualess resource data.


Thank you.


Brgds,


Linh.

Labels (2)
Labels
0 Likes
Reply
Report Inappropriate Content
1 Reply
SchneiderCh
Absent Member.
Absent Member.
‎2013-03-25 15:48

Hi Linh,

I'm experiencing exactly the same problem with Kaspersky event logs. Information is available in Kaspersky Management, but events in ArcSight are incomplete (Device Address is always 0.0.0.0, Device Hostname is completely missing etc.).

Did you already find a solution for the problem?

Kind regards,

Christoph

0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.