Application settings configuration files

After the initial setup, the application creates the following configuration files:

/var/opt/kaspersky/kesl/common/agreements.ini
The agreements.ini configuration file contains settings related to the License Agreement, Privacy Policy, and Kaspersky Security Network Statement.
/var/opt/kaspersky/kesl/common/kesl.ini
The kesl.ini configuration file contains the settings described in the following table.

If necessary, you can edit the values of the settings in these files.

The default values in these files should be changed only under the supervision of Technical Support specialists and in accordance with their instructions.

Settings of the kesl.ini configuration file

Setting	Description	Values

The [General] section contains the following settings:
`PCID`	A unique installation identifier.	Filled out automatically during the initial setup of the application.
`ExecEnvMax`	The number of environment variables that the application captures from the command call.	Default value: 50.
`Locale`	The locale used for the application events sent to Kaspersky Security Center.	The locale in the format specified by RFC 3066. If the `Locale` setting is not specified, the operating system locale is used. If the application fails to determine the operating system localization language or the operating system localization is not supported, the default value will be used – `en_US.utf8`. The locale of the graphical interface and the application command line depends on the value of the `LANG` environment variable. If the locale that is not supported by Kaspersky Endpoint Security is specified as the value of the `LANG` environment variable, the graphical interface and the command line are displayed in English.
`ScanMemoryLimit`	Limit on the application's use of memory in megabytes.	Default value: 8192.
`ExecArgMax`	Number of arguments that the application captures from the exec call.	Default value: 50.
`MachineId`	The user's unique device ID.	Filled out automatically during the initial setup of the application.
`StartupTraces`	Enables generation of trace files at application startup.	`True/Yes` – Create trace files at application startup. `False/No` (default value) – Do not create trace files at application startup.
`CoreDumps`	Enables the creation of a dump file when application failure occurs.	`True/Yes` (default value) – Create a dump file when the application fails. `False/No` – Do not create a dump file when the application fails.
`UseFanotify`	Indicates use of fanotify notifications.	`True/Yes` – The operating system supports fanotify notifications. `False/No` – The operating system does not support fanotify notifications. Filled out automatically during the initial setup of the application.
`SocketPath`	Path to a socket for a remote connection to, say, a graphical interface and the kesl-control utility.	Default value: /var/run/bl4control.
`PackageType`	Format of the installed application package.	`RPM` – an RPM package is installed. `DEB` – a DEB package is installed. Filled out automatically during the initial setup of the application.
`AdditionalDNSLookup`	Indicates use of a public DNS.	`True/Yes` – Use a public DNS to access Kaspersky servers. `False/No` (default value) – Do not use a public DNS to access Kaspersky servers. If there are errors accessing servers through the system DNS, the application uses a public DNS. This is needed for updating application databases and maintaining device security. The application will use the following public DNSes in this order: Google Public DNS™ (8.8.8.8). Cloudflare® DNS (1.1.1.1). Alibaba Cloud® DNS (223.6.6.6). Quad9® DNS (9.9.9.9). CleanBrowsing (185.228.168.168). The application's requests may contain domain addresses and the user's external IP address, since the application establishes a TCP/UDP connection with the DNS server. This information is necessary, for example, to check the certificate of a web resource when interacting via HTTPS. If the application is using a public DNS server, data processing rules are governed by the Privacy Policy of the corresponding service. If you need to block the application from using a public DNS server, contact Technical Support for a private patch.
The [Network] section contains the following settings:
`WtpFwMark`	A mark in the iptables rules for forwarding traffic to the application for processing by Web Threat Protection tasks. You may need to change this mark if a device with the application runs other software that uses the ninth bit of the TCP packet mask, and a conflict occurs.	A decimal value or hexadecimal number with the prefix 0x. Default value: 0x100.
`NtpFwMark`	A mark in the iptables rules for forwarding traffic to the application for processing by Network Threat Protection tasks. You may need to change this mark if a device with the application runs other software that uses the ninth bit of the TCP packet mask, and a conflict occurs.	A decimal value or hexadecimal number with the prefix 0x. Default value: 0x200.
`BypassFwMark`	A mark used to indicate packets created or scanned by the application, so that the application does not scan them again.	A decimal value or hexadecimal number with the prefix 0x. Default value: 0x400.
`BypassNFlogMark`	A mark used to indicate packages created or scanned by the application to prevent them from being logged by the iptable utility.	A decimal value or hexadecimal number with the prefix 0x. Default value: 0x800.
`ProxyRouteTable`	Number of the routing table.	Default value: 101.
The [Watchdog] section contains the following settings:
`TimeoutAfterHeadshot`	Maximum time to wait for the controlled process to complete from the moment the Watchdog server sends the HEADSHOT signal to the controlled process.	Default value: 2 minutes.
`StartupTimeout`	Maximum time interval from the moment the REGISTER message is received to the moment the SUCCESSFUL_STARTUP message is received.	Default value: 3 minutes.
`TimeoutAfterKill`	Maximum time to wait for the controlled process to complete from the moment the Watchdog server sends the SIGKILL signal to the controlled process. If the controlled process does not finish before this time elapses, the action specified by the --failed-kill setting is performed.	Default value: 2 days.
`PingInterval`	The interval with which the application attempts to send a PONG message to a server in response to a received PING message.	Default value: 2000 ms.
`MaxRestartCount`	Maximum number of consecutive unsuccessful attempts to start the application.	Default value: 5.
`ActivityTimeout`	Maximum time interval during which the application should send a message to the Watchdog server. If a message is not received from the application within this time interval, the Watchdog server begins the procedure to terminate the controlled process.	Default value: 2 minutes.
`ConnectTimeout`	Maximum time from the start of the controlled process to the moment when a connection with the Watchdog server is established by the application. If the application does not establish a connection in this time interval, the Watchdog server begins the procedure to terminate the controlled process.	Default value: 3 minutes.
`RegisterTimeout`	Maximum time from the moment the application connects to the Watchdog server to the moment the server receives a REGISTER message.	Default value: 500 ms.
`TimeoutAfterShutdown`	Maximum time to wait for the controlled process to complete from the moment the Watchdog server sends the SHUTDOWN signal to the controlled process.	Default value: 2 minutes.
`MaxVirtualMemory`	Limit on the use of virtual memory by the controlled process. If the controlled process uses more virtual memory than this limit, the Watchdog server begins the procedure to terminate the controlled process.	`off` (default value) – The virtual memory size is not limited. `<value>MB` – a value in megabytes.
`MaxSwapMemory`	Limit on the size of the swap file of the controlled process. If the swap file of the controlled process exceeds this limit, the Watchdog server begins the procedure to terminate the controlled process.	`off` (default value) – The size of the swap file is not limited. `<value` `>%` – a value between 0 and 100, expressing a percentage of memory. `<value>MB` – a value in megabytes. `lowest/<value>%/<value>MB` – the smaller value between the value as a percentage and the value in megabytes. `highest/<value>%/<value>MB` – the larger value between the value as a percentage and the value in megabytes.
`MaxMemory`	Limit on the resident set size for the controlled process. If the resident set size of the controlled process exceeds this limit, the Watchdog server begins the procedure to terminate the controlled process.	`off` – the resident set size is not limited. `<value` `>%` – a value between 0 and 100, expressing a percentage of memory. `<value>MB` – a value in megabytes. `lowest/<value>%/<value>MB` – the smaller value between the value as a percentage and the value in megabytes. `highest/<value>%/<value>MB` – the larger value between the value as a percentage and the value in megabytes. Default value: `highest/2048MB/50%`.

Page top