I have following Kaspersky environment.
KSC Server 10.4.343
Kaspersky Endpoint for Windows Workstation 10.3
In workstation policy i have checked all the informational events to be stored for more than 30 days.
In workstation policy Device Control Notification settings i enable following informational events to be saved in "local log", "windows event log" and "notify on screen"
- Operation with the device allowed
- File operation performed