Kaspersky CyberTrace

Limitations imposed by license keys

27 February 2024

ID 186828

This section describes limitations that are imposed on the Kaspersky CyberTrace functionality by license keys of different licensing levels.

Limit on events per second (EPS)

For the Community Edition licensing level, Kaspersky CyberTrace processes no more events per second than permitted by the licensing level.

Several commercial licensing levels have EPS limits specified in the licensing key. Kaspersky CyberTrace limits EPS for these licensing levels in two stages.

At the first stage, if the EPS limit is exceeded at any point in time, Kaspersky CyberTrace displays a notification in Kaspersky CyberTrace Web and generates a KL_ALERT_EPSLimitExceeded event. All events above the EPS limit continue to be processed.

At the second stage, if the EPS limit was continuously exceeded for a period of seven days, the limit takes effect. Kaspersky CyberTrace displays a notification in Kaspersky CyberTrace Web and generates a KL_ALERT_EPSHardLimit event. Kaspersky CyberTrace starts to process events within the limit imposed by the license key. After you change the license key or start to process no more events than are specified in the licensing key, this limitation ceases to apply.

Limit on the number of indicators

If the license key or licensing level sets a limit on the total number of indicators, Kaspersky CyberTrace reads, in total, no more records from all the feeds than are permitted by the license key or licensing level.

For the Community Edition licensing level, if the number of indicators exceeds a limit, Kaspersky CyberTrace sends a KL_ALERT_IndicatorsStoreHardLimit event and then displays a notification in Kaspersky CyberTrace Web that there is a limitation on the adding and updating of indicators. When a KL_ALERT_IndicatorsStoreHardLimit event is generated, Kaspersky CyberTrace stops reading new records.

For other licensing levels, if the number of indicators exceeds a limit, Kaspersky CyberTrace sends a KL_ALERT_IndicatorsStoreLimitExceeded event, and then displays a notification in Kaspersky CyberTrace Web. This notification informs that Kaspersky CyberTrace will set a restriction on the adding and updating of indicators after five days. Then, if the total number of indicators continuously exceeds a limit for this period, Kaspersky CyberTrace sends the KL_ALERT_IndicatorsStoreHardLimit service event and displays another notification informing that the limitation has taken effect. When the KL_ALERT_IndicatorsStoreHardLimit event is generated, Kaspersky CyberTrace stops reading new records.

After you change the license key or start to process no more indicators than are specified in the licensing key, this limitation ceases to apply.

Limit on the use of custom feeds

If the license key does not allow the use of custom feeds, only Kaspersky Threat Data Feeds can be used. OSINT feeds cannot be used in this case.

Other limitations

The following features can be disabled by the license key or licensing level:

  • Search feature in Kaspersky CyberTrace Web
  • Multi-user mode

    If multi-user mode is disabled, you can sign in under the admin account only. This user account has the Administrator role.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.