During SVM operation, the following trace files may be created on an SVM:
Protection Server trace file (ScanServer.log). The name of the file contains the file creation date and time. In addition to general data, this file may contain the following information:
Personal data, including the last name, first name and middle name, if such data is included in the path to files on protected virtual machines.
The name of the account used to log in to the operating system if the user account name is part of a file name.
Your email address or a web address containing the name of your account and password if they are contained in the name of the object detected.
boot_config.log trace file This file records the results of executing commands of the SVM first startup script.
wdserver.log trace file. This file records information about events that occur during operation of the watchlog service (wdserver). The file contains general data.
SnmpTool.log trace file This file records information about events that occur during operation of the SNMP service (SnmpTool). The file contains general data.
Trace file of the Kaspersky Security Center Network Agent. This file records information about events occurring during operation of the Kaspersky Security Center connectivity module. The file contains general data.
agents_monitor.log. trace file. This file can contain the following information:
Settings for connecting SVMs to the Integration Server.
Information about connecting Light Agents to SVM: unique SVM identifier, unique identifier and information about the operating system of the virtual machine, on which Light Agent is installed, time intervals during which the Light Agent was connected to the SVM.
boot_config.log and wdserver.log trace files are created automatically.
You can create the trace files ScanServer.log and SnmpTool.log by using the application configuration files that are located in the folder /etc/opt/kaspersky/la/ on SVMs. A special script is used to create a Network Agent trace file.
You can create the agent_monitor.log trace file by changing the level of details in the trace file using the agents_monitor.conf configuration file located on the SVM in the /etc/opt/kaspersky/agents_monitor/ directory.
For detailed information on how to create and configure trace files, please contact our Technical Support experts.
All created SVM trace files, except for the agents_monitor.log file, are located in the /var/log/kaspersky/la/ directory. The agents_monitor.log file is located in the /var/log/kaspersky/agents_monitor/ directory.
ScanServer.log trace file can also be created in the Protection Server policy.
To create the ScanServer.log trace file in Protection Server policy:
Open Kaspersky Security Center Administration Console.
In the Managed devices folder of the console tree, select the folder with the name of the administration group for whose SVMs you want to create a trace file.
In the workspace, select the Policies tab.
Select a Protection Server policy in the list of policies and right-click to open the Properties: <Policy name> window.
In the list on the left, select the Advanced settings section.
SVM advanced settings are displayed in the right part of the window.
In the Trace level drop-down list, select the trace level.
You are advised to clarify the required trace level with a Technical Support specialist.
Click Apply to start the tracing process.
Trace files are saved on the SVM in readable format. It is recommended to ensure that information stored on the SVM is protected against unauthorized access before it is sent to Kaspersky.
Trace files are automatically deleted when uninstalling the application. Trace files are not automatically sent to Kaspersky.