This section describes how Feed Service logs its activity.
Enabling logging
By default, logging is disabled. To enable logging, use the kl_feed_service_log.conf file in the bin
directory where the binary file of the service is located. Fill in the kl_feed_service_log.conf file as described in this section. This file is used by Feed Service and the watchdog module. A change in the contents of the kl_feed_service_log.conf file results in the new settings being applied; this process takes several seconds.
Enabling logging decreases the performance of Feed Service. Use logging only if you encounter problems and errors.
Logging and data security
If you enable logging, Feed Service can write to the log files any of the following information that can be considered private, security-related, or sensitive:
Log files are regular text files. No information written to the log files is encrypted. The log files have standard inherited access rights. We recommend that you assign the directory for storing log files the appropriate rights so that only the administrator can read the log files.
Kaspersky CyberTrace does not send log files or any data contained in them to Kaspersky. For technical support purposes, your Technical Account Manager can ask you to provide log files.
Log files are stored until they are explicitly deleted by a user. If the Append
parameter in the logging configuration file is 0
, the previous log files are deleted when Feed Service is started. If the Append
parameter in the logging configuration file is 1
, the information is retained during the full cycle of Feed Service usage
If you uninstall Kaspersky CyberTrace, these log files will not be deleted if the directory with log files is located outside of the Feed Service installation directory (as specified by the LogsFolder
parameter).
For more information about data written to the log files, see subsection "Log file contents" below.
Logging configuration file
The kl_feed_service_log.conf file is an XML file. Its fields are described in the table below.
Parameter |
Description |
Mandatory / optional |
---|---|---|
WriteLog |
Log level. One of the following values can be used:
|
Optional By default, |
LogsFolder |
The directory where to store log files. Absolute and relative paths can be used. On Windows, you cannot use the following symbols in the
If you use environment variables in the |
Optional By default, the |
SizeLimit |
The maximum size of the log file, in MB. If |
Optional By default, |
Append |
Indicates whether old log files must be removed ( |
Optional By default, |
UseSyslog |
Indicates whether the system daemon syslog will be used for logging (1) or not (0). This parameter is not used in Windows. |
Optional By default, |
Configuration file example
The following kl_feed_service_log.conf file example enables logging at the dbg
logging level. Logs will be stored in the logs
subdirectory of the directory where the Feed Service binary file resides.
<Logging> <WriteLog>dbg</WriteLog> <LogsFolder>logs</LogsFolder> <SizeLimit>0</SizeLimit> <Append>0</Append> <UseSyslog>0</UseSyslog> </Logging> |
Log files name format
Feed Service writes messages to files named "kl_feed_service-<pid>-<date_time>.log"
or "kl_feed_service-<pid>-<date_time>_<index>.log"
.
The watchdog module writes messages to files named "kl_feed_servicewd-<pid>-<date_time>.log"
or "kl_feed_servicewd-<pid>-<date_time>_<index>.log"
.
Log file contents
If the err
logging level is used, Feed Service writes the following information to the log:
If the inf
logging level is used, Feed Service writes the following information to the log:
err
logging level.Note that incoming events can contain private data, and so we recommend that you protect the log files from unauthorized access.
If the dbg
logging level is used, Feed Service writes the following information to the log:
inf
logging level.