Azure-Sentinel/Solutions/KasperskySecurityCenter/Data/Solution_Kaspersky Security Center.json

{
  "Name": "KasperskySecurityCenter",
  "Author": "Microsoft - support@microsoft.com",
  "Logo": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/Azure_Sentinel.svg\" width=\"75px\" height=\"75px\">",
  "Description": "The [Kaspersky Security Center](https://ksc.kaspersky.com/) solution provides the capability to ingest [Kaspersky Security Center logs](https://support.kaspersky.com/KSC/13/en-US/151336.htm) into Microsoft Sentinel.\n\r\n1. **KasperskySecurityCenter via AMA** - This data connector helps in ingesting KasperskySecurityCenter logs into your Log Analytics Workspace using the new Azure Monitor Agent. Learn more about ingesting using the new Azure Monitor Agent [here](https://learn.microsoft.com/azure/sentinel/connect-cef-ama). **Microsoft recommends using this Data Connector**.\n\r\n2. **KasperskySecurityCenter via Legacy Agent** - This data connector helps in ingesting KasperskySecurityCenter logs into your Log Analytics Workspace using the legacy Log Analytics agent.\n\n**NOTE:** Microsoft recommends installation of KasperskySecurityCenter via AMA Connector. Legacy connector uses the Log Analytics agent which is about to be deprecated by **Aug 31, 2024,** and thus should only be installed where AMA is not supported. Using MMA and AMA on same machine can cause log duplication and extra ingestion cost [more details](https://learn.microsoft.com/en-us/azure/sentinel/ama-migrate).",
  "Data Connectors": [
    "Data Connectors/Connector_KasperskySC_CEF.json",
	"Data Connectors/template_KasperskySCAMA.json"
	],
  "Parsers": [
    "Parsers/KasperskySCEvent.yaml"
  ],
  "Metadata": "SolutionMetadata.json",
  "BasePath": "C:\\GitHub\\Azure-Sentinel\\Solutions\\KasperskySecurityCenter",
  "Version": "3.0.0",
  "TemplateSpec": true,
  "Is1PConnector": false
}