Obtaining and viewing a list of executable files installed on client devices
You can obtain the list of executable files stored on client devices in one of the following ways:
- Enabling notifications about applications startup in Kaspersky Endpoint Security policy.
- Creating an inventory task.
Enabling notifications about applications startup in Kaspersky Endpoint Security policy
To enable notifications about applications startup:
- Open the Kaspersky Endpoint Security policy settings, and then go to General settings → Reports and Storage.
- In the Data transfer to Administration Server settings group, select the About started applications check box, and save the changes.
When a user attempts to start executable files, information about these files is added to the list of executable files on a client device. Kaspersky Endpoint Security sends this information to Network Agent, and then Network Agent sends it to Administration Server.
Creating an inventory task
The feature of inventorying executable files is available for the following applications:
- Kaspersky Endpoint Security for Windows
- Kaspersky Endpoint Security for Linux (version 11.2 and later)
You can reduce load on the database while obtaining information about the installed applications. To do this, we recommend that you run an inventory task on reference devices on which a standard set of software is installed. The preferable number of devices is 1-3.
We strongly do not recommend running the inventory task when using the following databases: MySQL, PostgreSQL, SQL Server Express Edition, MariaDB (all editions).
To create an inventory task for executable files on client devices:
- In the main menu, go to Assets (Devices) → Tasks.
The list of tasks is displayed.
- Click the Add button.
The New task wizard starts. Follow the steps of the wizard.
- On the New task settings page, in the Application drop-down list, select Kaspersky Endpoint Security for Windows or Kaspersky Endpoint Security for Linux, depending on the operating system type of the client devices.
- In the Task type drop-down list, select Inventory.
- On the Finish task creation page, click the Finish button.
After the New task wizard is complete, the Inventory task is created and configured. If you want, you can change the settings for the created task. The newly created task is displayed in the list of tasks.
For a detailed description of the inventory task, refer to the following Helps:
After the Inventory task is performed, the list of executable files installed on managed devices is formed and you can view the list.
During inventory, the following formats of executable files can be detected (depending on the option that you select in the inventory task properties): MZ, COM, PE, NE, SYS, CMD, BAT, PS1, JS, VBS, REG, MSI, CPL, DLL, JAR, and HTML.
Viewing the list of executable files stored on managed devices
To view the list of executable files stored on client devices,
In the main menu, go to Operations → Third-party applications → Executable files.
The page displays the list of executable files installed on client devices.
If necessary, you can send the executable file of the managed device to the device where your Kaspersky Security Center Cloud Console is open.
To send an executable file:
- In the main menu, go to Operations → Third-party applications → Executable files.
- Click the link of the executable file that you want to send.
- In the window that opens, go to the Devices section, and then select the check box of the managed device from which you want to send the executable file.
Before you send the executable file, make sure that the managed device has a direct connection to the Administration Server, by selecting the Do not disconnect from the Administration Server check box. The maximum total number of devices with the Do not disconnect from the Administration Server option selected is 300.
- Click the Send button.
The selected executable file is downloaded for further sending to the device where your Kaspersky Security Center Cloud Console is open.
