General troubleshooting

This section provides information to help you solve problems you might encounter when using Kaspersky CyberTrace.

If you encounter a problem while using Kaspersky CyberTrace, the specialists at Kaspersky can assist you. Contact your technical account manager (TAM) for more information about solutions to problems.

Problem: The result of the verification test (Self-test) is unexpected

To solve this problem, try the following actions:

When using Kaspersky CyberTrace Web:

  1. If one or more Kaspersky Threat Data Feeds fail the Self-test that you ran on the Settings > Service tab by clicking Run Self-test:
    • If you defined any filtering rules on the Settings > Feeds tab, in the Filtering rules for feeds section, in the Filtering rules subsection, remove these filtering rules and click Save at the bottom of the page
    • On the Settings > Feeds tab, in the Feeds update section, click the Launch update now button to update your feeds.

    Re-run the Self-test. If all Kaspersky Threat Data Feeds pass the test, add the filtering rules again, if necessary. If the problem persists, please contact your technical account manager (TAM).

  2. If one or more Kaspersky Threat Data Feeds fail the verification test that you ran to check whether Kaspersky CyberTrace is correctly integrated with your SIEM solution:
    1. Check the feeds through Kaspersky CyberTrace Web:
      • If you defined any filtering rules on the Settings > Feeds tab, in the Filtering rules for feeds section, in the Filtering rules subsection, remove these filtering rules and click Save at the bottom of the page.
      • On the Settings > Feeds tab, in the Feeds update section, click the Launch update now button to update your feeds.

      Re-run the Self-test. If all Kaspersky Threat Data Feeds pass the test, add the filtering rules again by means of Kaspersky CyberTrace Web, if necessary.

    2. Check the connection between the computer with Kaspersky CyberTrace and the computer with your SIEM solution in both directions; that is, make sure that the computer with Kaspersky CyberTrace can be reached from the computer with your SIEM solution, and the computer with your SIEM solution can be reached from the computer with Kaspersky CyberTrace. Execute the following command on the command line:

      ping %ip%

      Here, %ip% is the IP address of the computer with Kaspersky CyberTrace (if the command is executed on the computer with your SIEM solution) or the IP address of the computer with your SIEM solution (if the command is executed on the computer with Kaspersky CyberTrace).

    3. Depending on the execution result of the ping command, do one of the following:
      • If the command failed on any computer, please ask your system administrator to check and, if necessary, reconfigure the firewall.
      • If the command finished successfully on both the Kaspersky CyberTrace computer and the computer with your SIEM solution installed—and if you tried the solutions suggested in step 2a above but are still getting the wrong verification test results—please contact your technical account manager (TAM).

If you do not use Kaspersky CyberTrace Web, and one or more Kaspersky Threat Data Feeds fail the verification test that you ran to check whether Kaspersky CyberTrace is correctly integrated with your SIEM solution, do the following:

Problem: Feed Service cannot start

To solve this problem, try the following actions:

Problem: Feed Service does not write logs

To solve this problem, try the following actions:

Problem: The feeds cannot be downloaded

To solve this problem, try the following actions:

Problem: The certificate cannot be authenticated

The "peer certificate cannot be authenticated with given CA certificates" error message appears in this case.

To solve this problem, try the following actions:

Make sure that you have the correct root certificate installed on your system. If you do not have the required root certificate, follows these steps:

  1. Go to https://wlinfo.kaspersky.com/ and authenticate with your certificate.
  2. In the leftmost part of the address bar of your browser, click the "lock" icon and select Certificate.

    The Certificate window opens.

  3. In the Certificate window, select the Certification Path tab.
  4. Select the root certificate (the certificate at the top of the certification path) and click the View Certificate button.

    The Certificate window opens.

  5. In the Certificate window, select the Details tab.
  6. In the table that appears, find the Serial number field and note its value. Do not close the window.
  7. Go to https://www.digicert.com/digicert-root-certificates.htm and use the serial number from step 6 to find the required root certificate.
  8. Download this root certificate and follow the standard procedure for your operating system to install it to the certificate store.

    When following the linked procedure, make sure that you use the root certificate downloaded in steps 7 and 8, and not the one exported through a browser by clicking Copy to File.

You can use this procedure to solve the same problem with https://127.0.0.1 (or https://localhost) and other sites that Kaspersky CyberTrace visits to download custom or third-party feeds.

Problem: Microsoft Internet Explorer 11 does not display fonts and font styles properly

The cause of this problem may be the accessibility settings of Internet Explorer.

To solve this problem, try the following actions:

  1. Open Internet Explorer
  2. Select the Tools button and select Internet options.
  3. Select the General tab, then select Accessibility.
  4. Make sure that Ignore font styles specified on webpages and Ignore font sizes specified on webpages check boxes are not selected.
  5. Click OK, and then OK again.
Page top