Default File Integrity Monitor task settings
By default, the File Integrity Monitor task has the settings described in the table below. You can change the values of these settings.
Default File Integrity Monitor task settings
Setting | Default value | Description |
|---|---|---|
Monitoring scope | Not configured | You can specify the folders and files for which actions will be monitored. Monitoring events will be generated for the folders and files in the specified monitoring scope. |
Trusted users list | Not configured | You can specify users and/or groups of users, whose actions in the specified folders will be treated as safe by the component. |
Log information about file operations that appear during the monitor interruption period | Used | You can enable or disable logging of file operations performed in the indicated monitoring scopes during periods in which the task in not running. |
Block attempts to compromise the USN log | Used | You can enable or disable protection of the USN log. |
Exclude the following folders from control | Not applied | You can check the use of exclusions for folders in which file operations do not need to be monitored. When the File Integrity Monitor task runs, Kaspersky Security for Windows Server will skip monitoring scopes specified as exclusions. |
Checksum calculation | Not applied | You can configure calculation of the file checksum after changes are made in the file. |
Set file operations markers | All available file operation markers are considered | You can specify the set of file operation markers. If a file operation performed in a monitoring scope is characterized by one or more specified markers, Kaspersky Security for Windows Server generates an audit event. |
Task start schedule | First run is not scheduled | You can configure the settings for starting the task on a schedule. |
