About dump files

A dump file contains all information about the working memory of Kaspersky Endpoint Security processes at the time when the dump file was created. If required, you can enable the creation of dump files when the application crashes.

You can configure the creation of dump files using the kesl.ini configuration file, as well as in the Kaspersky Endpoint Security policy settings using Kaspersky Security Center Administration Console or Kaspersky Security Center Web Console. By default, dump files are stored in the /var/opt/kaspersky/kesl/common/dumps and /var/opt/kaspersky/kesl/common/dumps-user directories. Root privileges are required to access dump files. The maximum number of dump files is limited.

Depending on the operating system settings, user dump files may not be created. Make sure that the system kernel is configured using sysctl kernel.yama.ptrace_scope=0.

Dump files are stored on the computer as long as the application is in use, and are deleted permanently when the application is removed. Dump files are not sent to Kaspersky automatically.

Dump files may contain personal data. It is recommended to protect information from unauthorized access before sending it to Kaspersky.

To enable the creation of dump files using the kesl.ini configuration file:

1. Stop Kaspersky Endpoint Security.
2. Open the /var/opt/kaspersky/kesl/common/kesl.ini file for editing.
3. Add the following setting to the [General] section:

   CoreDumps=yes

4. Start Kaspersky Endpoint Security.