Kaspersky
Kaspersky normalizes Kaspersky Antivirus events and enables you to analyze threat-related events using alerts and dashboards. Kaspersky Antivirus is a program designed to protect computers running Microsoft Windows and macOS from malware. You can further customize the data and search to perform an in-depth analysis of malware attacks, multiple sources infected by the same virus, programs blocked by self-defense mechanisms, multiple viruses infecting the same source, and servers with update failures.
Enhancement
Description | Issue ID | Reference ID |
---|---|---|
Added Syslog Collector based Kaspersky log source template, simplifying the log source configuration process. To learn more, go to Creating Log Source via a Template. | KB-22703 | - |
Past Releases
Kaspersky v5.1.0
Supported On: Logpoint v6.7.0 and later
Download: Kaspersky_5.1.0.pak
SHA256: afed5b1d7f5c9c1d54ba89ae5a063ad054a9d556ee84d4badac582f8057213e9
Enhancements
Description | Issue ID | Reference ID |
---|---|---|
Added KasperskyCEFNormalizer and KasperskyLEEFCompiledNormalizer to normalize Kaspersky logs in CEF and LEEF formats. | KB-12011, KB-14018 | 50937 |
Added signatures in LP_Kaspersky Endpoint Security Xml to normalize Kaspersky (EDR) logs. | KB-12952 | 55168 |
Kaspersky v5.0.1
Enhancement
A minor update was made to Kaspersky's normalizer for better signature handling.
Kaspersky v3.3.0
Supported On: Logpoint v6.0.0 to v6.6.6
Download: Kaspersky_3.3.0.pak
SHA256: a0d606a96670de74a3e38c499a27865f0bace514cd2ea38935ca93e5f9c25952
Enhancement
A minor update was made to Kaspersky's normalizer for better signature handling.
Support
If you have any questions or require assistance, create a support ticket.