Support

Support for business applications

Kaspersky Security 8.0 for Linux Mail Server

Publishing program events to a SIEM system

Values of fields in the body of CEF messages for classes of Tasks group events

Kaspersky Security 8.0 for Linux Mail Server
Knowledge Base Online Help
Advice & Solutions FAQ Download Forum Contact support Recovery tools Product videos

Values of fields in the body of CEF messages for classes of Tasks group events

July 4, 2024

ID 151759

In the body of CEF messages for classes of Tasks group events, you can use keys in accordance with their semantics (see  the table below).

Permissible values of the fields for classes of Tasks group events

Key

Value

deviceProcessName

Task name (from klms-control).

cnt

The number of failures during the past 5 minutes.

reason

Description of the error.

outcome

Description of the result.

cs1

Program operating mode (real time scan / configuration mode).

cs1Label

Its value is always Mode.

Each class of Tasks group events can contain only keys that are relevant to it (see the table below).

Relevant keys for classes of Tasks group events

Event class

Relevant keys

LMS_EV_PROCESS_CRASHED

deviceProcessName, cnt

LMS_EV_RESTARTED

deviceProcessName, cnt

LMS_EV_PRODUCT_STARTED

cs1, cs1Label

');
Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
');
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).