Configuring the File Integrity Monitor task

Support

Support for business applications

Kaspersky Embedded Systems Security 3.x

File Integrity Monitor

Manage File Integrity Monitor via the Web Plug-in

Configuring the File Integrity Monitor task

10 March 2023

ID 192832

Get as PDF

To configure the File Integrity Monitor task via the Web Plug-in:

In the main window of the Web Console, select Devices → Policies & profiles.
Click the policy name you want to configure.
In the <Policy name> window that opens select the Application settings tab.
Select the System Inspection section.
Click Settings in the File Integrity Monitor subsection.
In the File Integrity Monitor window that appears, on the File operations monitoring settings tab, configure the following settings:
1. Clear or select the Log information about file operations that appear during the monitoring interruption period check box.
  The check box enables or disables monitoring of the file operations specified in the File Integrity Monitor task settings when the task is not running for any reason (removal of a hard disk, task stopped by user, software error).
  
  If the check box is selected, Kaspersky Embedded Systems Security will record events in all monitoring scopes when the File Integrity Monitor task is not running.
  
  If the check box is cleared, the application will not log file operations in monitoring scopes when the task is not running.
  
  The check box is selected by default.
2. Clear or select the Block attempts to compromise the USN log check box.
  The check box enables or disables protection of the USN log.
  
  If the check box is selected, Kaspersky Embedded Systems Security will block attempts to delete the USN log or to compromise the USN log's content.
  
  If the check box is cleared, the application will not monitor changes to the USN log.
  
  The check box is selected by default.
3. Select or clear the Apply Trusted Zone check box as applicable.
  If the Apply Trusted Zone check box is selected, the Exclusions and Trusted processes configured in the Trusted Zone are applied to the monitoring scope in addition to the configured rule.
  
  If the Apply Trusted Zone check box is cleared, the Exclusions and Trusted processes configured in the Trusted Zone are not applied to the monitoring scope.
  
  By default, the check box is cleared.
On the Task management tab, configure the task start schedule.
Click OK to save the changes.

Kaspersky Embedded Systems Security immediately applies the new settings to the running task. Information about the date and time of settings modification are saved in the system audit log.

Kaspersky Professional Services

Implementation services. Health check and security system configuration. Contact us if you need expert help.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.