Managing tasks

In the web interface of the application, users with the Senior security officer role can manage files and applications on hosts by creating and removing tasks.

In distributed solution and multitenancy mode, Kill process, Get forensics, Get registry key, Start YARA scan, Service management, Run application, Delete file, Restore file from quarantine, Quarantine file tasks can have one of the following types:

Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).

• Global—Created on the PCN server. These tasks apply to hosts that are connected to this PCN server and to all SCN servers that are connected to this PCN server. Tasks belong to the tenant for which the user is managing the program using the web interface.
• Local—Created on the SCN server. These tasks apply only to hosts that are connected to this SCN server. Tasks belong to the tenant for which the user is managing the program using the web interface.

Get file, Get process memory dump, Get NTFS metafiles, Get disk image, Get memory dump tasks run only on the specified host, regardless of the application operating mode.

The maximum task execution time is 24 hours. If the task did not complete in this time, execution is paused.

Users with the Senior security officer role can manage all tasks for tenants to whose data they have access.

Users with the Security officer role do not have access to tasks.

Users with the Security auditor role can view the task table and information about the selected task.