Support

Support for business applications

Kaspersky Anti Targeted Attack (KATA) Platform

For security officers: Getting started with the application web interface

Events database threat hunting

Changing the event search conditions

Kaspersky Anti Targeted Attack (KATA) Platform
Нет результатов
Knowledge Base Online Help
FAQ Download Forum Contact support Recovery tools

Changing the event search conditions

8 November 2023

ID 247640

To change the event search conditions, perform the following actions in the Threat Hunting section of the application web interface window:

  1. Click the form containing the event search conditions in the upper part of the window.
  2. Select one of the following tabs:
    • Builder, if you want to change the event search conditions in design mode.
    • Source code, if you want to change the event search conditions in source code mode.
  3. Make the relevant changes.
  4. Click one of the following buttons:
    • Refresh, if you want to refresh the current event search with the new conditions.
    • New search, if you want to perform a new event search.

The table of events that satisfy the search criteria is displayed.

See also

Events database threat hunting

Searching events in design mode

Searching events in source code mode

Sorting events in the table

Searching events by processing results in EPP applications

Uploading an IOC file and searching for events based on conditions defined in the IOC file

Creating a TAA (IOA) rule based on event search conditions

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.