For the processing time, the body of the file sent by the Central Node component is saved in open form on the server hosting the Sandbox component. During processing, the server administrator can access the sent file in Technical Support Mode. The scanned file is deleted by a special script according to the schedule. Once every 60 minutes by default.
Information about the data stored on the server with the Sandbox component is provided in the table below.
Data stored on the server with the Sandbox component
Scope of data |
Storage location |
Storage duration |
Access to data |
---|---|---|---|
Scanned files |
/var/opt/kaspersky/sandbox/library/ |
After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours. |
User access is defined by the administrator using operating system tools. |
File scan results |
|
After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours. |
User access is defined by the administrator using operating system tools. |
Settings of tasks |
|
After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours in the directory /var/opt/kaspersky/sandbox/library/. Up to 90 days in the Sandbox component database. |
User access to the directory /var/opt/kaspersky/sandbox/library/ is defined by the administrator using operating system tools. A password is required for user authentication in the database. Access to database files is granted only to users who started database processes and users with root privileges. Access is provided only over an encrypted IPSec channel. |
Trace files |
/var/log/kaspersky/sandbox/ |
Up to 21 days. |
User access is defined by the administrator using operating system tools. Only authorized users can perform actions with trace files. Information about actions with trace files is saved in the program event log. |