Default File Integrity Monitor task settings
3 August 2023
ID 181599
By default, the File Integrity Monitor task has the settings described in the table below. You can change the values of the settings in the following components:
- The Administration Plug-in
- The Application Console
- The Web Plug-in
Default File Integrity Monitor task settings
Setting
Default value
Description
Monitoring scope
Not defined
Use this option to specify the folders and files for which actions will be monitored. Monitoring events will be generated for the folders and files in the specified monitoring scope.
Trusted users list
Not defined
Use this option to specify users and/or groups of users, whose actions in the specified folders will be treated as safe by the component.
Log information about file operations that appear during the monitor interruption period
Used
This setting is used to enable or disable the logging of file operations performed in the specified monitoring scopes during periods when the task is idle.
By default, statistics are collected for untrusted and unknown users and objects.Block attempts to compromise the USN log
Used
Use this option to enable or disable protection of the USN log.
Detect and block all file operations in the selected area
Disabled
Select or clear the Detect and block all file operations in the selected area check box to block all changes for the selected monitoring scope.
Exclude the following folders from control
Not applied
Use this option to check the use of exclusions for folders in which file operations do not need to be monitored. When the File Integrity Monitor task runs, Kaspersky Industrial CyberSecurity for Nodes skips monitoring scopes specified as exclusions.
Checksum calculation
Not applied
Use this option to configure calculation of the file checksum after changes are made in the file.
Set file operations markers
All available file operation markers are considered
Use this option to specify the set of file operation markers. If a file operation performed in a monitoring scope is characterized by one or more specified markers, Kaspersky Industrial CyberSecurity for Nodes generates an audit event.
Task start schedule
First run is not scheduled.
You can configure settings to start the task on a schedule.