Description of general settings
This section describes general settings of Kaspersky Endpoint Security.
General settings of the configuration file have the following values:
SambaConfigPath
Directory that stores the Samba configuration file. The Samba configuration file is needed to ensure that the AllShared or Shared:SMB values are applied for the Path option.
The standard directory of the SAMBA configuration file on the computer is specified by default.
Application restart is required after changing this setting.
Default value: /etc/samba/smb.conf
NfsExportPath
Directory that stores the NFS configuration file. The NFS configuration file is needed to ensure that the AllShared or Shared:NFS values are applied for the Path option.
The standard directory of the NFS configuration file on the computer is specified by default.
Application restart is required after changing this setting.
Default value: /etc/exports
TraceFolder
Directory that stores the application trace files. Trace files contain information about the operating system, and may also contain personal data.
If you specify a different directory, make sure that the account under which Kaspersky Endpoint Security is running has read/write permissions for this directory. Root privileges are required to access the default trace files directory.
Application restart is required after changing this setting.
Default value: /var/log/kaspersky/kesl
TraceLevel
Trace log level of detail.
Available values:
Detailed—Most detailed trace log
NotDetailed—The trace log contains error notifications
None—Does not create a trace log
Default value: None
TraceMaxFileCount
Specifies the maximum number of the application trace files.
Trace files for the current tracing process and from completed tracing processes are counted separately. For example, if the TraceMaxFileCount is set to two, then maximum four trace files can be stored: two files for the current tracing process and two files for previous processes.
Application restart is required after changing this setting.
Available values: 1–10000
Default value: 5
TraceMaxFileSize
Specifies the maximum size of an application trace file (in megabytes).
Application restart is required after changing this setting.
Available values: 1–1000
Default value: 500
BlockFilesGreaterMaxFileNamePath
Blocks access to files for which the full path length exceeds the defined parameter value specified in bytes.
If the complete path to the file being scanned exceeds the value of this setting, virus scan tasks skip this file during scanning.
This setting is not available on operating systems that use fanotify technology.
Available values: 4096–33554432
Default value: 16384
DetectOtherObjects
Enables or disables the detection of legitimate software that could be used by hackers to harm computers or data of users.
Available values:
Yes—Enable the detection of legitimate software that could be used by hackers to harm computers or data of users
No—Disable the detection of legitimate software that could be used by hackers to harm computers or data of users
Default value: No
NamespaceMonitoring
Enables or disables the scanning of the name spaces and Docker containers.
Available values:
Yes—Enable the scanning of the name spaces and Docker containers
No—Disable the scanning of the name spaces and Docker containers
Default value: Yes
DockerSocket
Address of a file or network Docker socket.
Default value: /var/run/docker.sock
ContainerScanAction
Action to be performed on a Docker container when an infected object is detected.
Actions on an infected object inside the Docker container are specified in the respective task settings.
Available values:
StopContainerIfFailed—Stop the Docker container if an infected object disinfection failed
StopContainer—Stop the Docker container when an infected object is detected
Skip—Do not perform any action on the Docker container when an infected object is detected
Default value: StopContainerIfFailed
InterceptorProtectionMode
Specifies whether the file interceptor blocks detected objects during the scan.
Available values:
Full—Block detected objects during the scan
Info—Do not block detected objects during the scan, log an event if an object is detected
Default value: Full
If you select Info value, protection level of your computer decreases.
UseKSN
Enables or disables participation in Kaspersky Security Network.
Available values:
No—Disable participation in Kaspersky Security Network
Basic—Enable participation in Kaspersky Security Network without sending statistics
Extended—Enable participation in Kaspersky Security Network with sending statistics
Default value: No
UseProxy
Enables or disables use of a proxy for Kaspersky Security Network, activation of the application, and updates.
Available values:
Yes—Enable use of a proxy
No—Disable use of a proxy
Default value: No
ProxyServer
Proxy server settings in the format [user[:password]@]host[:port].
MaxEventsNumber
Maximum number of events that will be stored by Kaspersky Endpoint Security. When the specified number of events is exceeded, Kaspersky Endpoint Security deletes the oldest events.
Default value: 500000
LimitNumberOfScanFileTasks
Maximum number of Scan_File tasks that a non-privileged user can simultaneously start on a computer. This parameter does not limit the number of tasks that a user with root privileges can start. If the value 0 is defined, a non-privileged user cannot start Scan_File tasks.
Available values: 0–4294967295
Default value: 0
If the USE_GUI setting was set to yes during the application installation, the default value for the LimitNumberOfScanFileTasks is 5.
UseSyslog
Enables or disables the logging of information about events to syslog.
Root privileges are required to access syslog.
Available values:
Yes—Enable the logging of information about events to syslog
No—Disable the logging of information about events to syslog
Default value: No
EventsStoragePath
Database file in which Kaspersky Endpoint Security saves information about events.
Root privileges are required to access the default database of events.
Default value: /var/opt/kaspersky/kesl/private/storage/events.db
ExcludedMountPoint.item_#
Specifies the mount points to be excluded from scan by tasks that use file operation interceptor (File Threat Protection and Anti-Cryptor). You can specify several mount points to be excluded from a scan.
Available values:
AllRemoteMounted—Exclude all remote directories mounted on the computer using the SMB and NFS protocols
Mounted:NFS—Exclude all remote directories mounted on the computer using the NFS protocol
Mounted:SMB—Exclude all remote directories mounted on the computer using the SMB protocol
/mnt—Exclude objects in the /mnt directory (including subdirectories), which is used as the temporary mount point for removable drives
<path that contains masks /mnt/user* or /mnt/**/user_share>—Exclude objects in directories, whose names contain the specified mask
Mount points must be specified in the same way as they are displayed in the mount command output.
The ExcludedMountPoint.item_# setting is not specified by default.