Editing task settings using a configuration file

To edit values of task settings using a configuration file:

  1. Output the task settings to the configuration file using the command kesl-control --get-settings.
  2. Open the configuration file and edit the values of the necessary settings.

    For tasks of the OAS, ODS, OAFIM, ODFIM, and AntiCryptor types, you can add or remove scan scopes and exclusion scopes.

    If you want to add a scan scope, add a [ScanScope.item_ #] section with the following settings to the file:

    • AreaDesc is a description of the scan scope, which contains additional information about this scope.
    • UseScanArea enables scanning of the specified scope.
    • Path is a path to the directory with the objects to be scanned. You can specify a path to a local directory or enable scanning of remote directories mounted on a client device.
    • AreaMask.item_# is a limitation of the scan scope. You can specify a mask for the name of the files to be scanned. Scanning is enabled by default for all objects in the scan scope. You can specify multiple AreaMask.item_# items.

    If you want to add an exclusion scope, add an [ExcludedFromScanScope.item_#] section with the following settings to the file:

    • AreaDesc – a description of the exclusion scope, which contains additional information about the exclusion scope.
    • UseScanArea enables exclusion of the specified scope.
    • Path is a path to the directory with the objects to be excluded. You can specify a path to a local directory or exclude remote directories mounted on a client device. Possible values for the setting depend on the type of task.
    • AreaMask.item_# is a limitation of the exclusion scope. You can specify a mask for the name of the files that you want to exclude from the scan scope. By default, all objects in the scope are excluded.

      Example:

      [ExcludedFromScanScope.item_0000]

      AreaDesc=

      UseScanArea=Yes

      Path=/tmp/notchecked

      AreaMask.item_0000=*

    You can specify multiple [ScanScope.item_#] and [ExcludedFromScanScope.item_#] sections. The application processes the scopes by index in ascending order.

  3. Save the configuration file.
  4. Execute the command:

    kesl-control --set-settings <task ID/name> --file <path to configuration file> [--json]

    where:

    • <task ID/name> is the ID assigned to the task at the time of its creation, or the name of the task in the command line.
    • --file <configuration file path> – full path to the configuration file from which the task settings will be imported.
    • --json: specify this key if you are importing settings from a configuration file in JSON format. If the --json key is not specified, the application attempts to import from an INI file. If the import fails, an error is displayed.

All values of task settings defined in the file will be imported into the application.

If you change the allowlist, or prohibit launch of all applications or applications that affect the operation of Kaspersky Endpoint Security in the Application Control task settings, run the --set-settings command with the --accept key.

Page top