|Maintenance: Maintenance tasks for antivirus systems|
Quick Scan Started
This event can be recorded under various conditions, with the "Description" matching the type of information that the Kaspersky A/V (KAV) wants to record.
Description: "KAV: An Anti-Virus threat was detected (UDS:DangerousObject.Multi.Generic)." - This is a notification that KAV has identified a potential threat. The description of the threat is included, and one can search for it on Google to find more details. See EV100410 (UDS:DangerousObject.Multi.Generic) for an example.
This is recorded by Kaseya AntiVirus (Kaspersky Corporate Edition - Desktop and Server) every time a file is opened.