If you have enabled application trace files, these will be stored at /var/log/kaspersky/kesl/. Access to this directory requires root privileges.
Trace files are stored on the device as long as the application is in use, and are deleted permanently when the application is removed. Trace files are not sent to Kaspersky automatically.
Trace files are saved in a human-readable format. It is recommended to protect information from unauthorized access before sending it to Kaspersky.
Application trace file contents
Trace files contain the following general data:
Event time.
Number of the thread of execution.
Application component that caused the event.
Degree of event severity (informational event, warning, critical event, error).
A description of the event involving command execution by a component of the application and the result of execution of this command.
Trace files may store the following information in addition to general data:
The statuses of the application components and their operational data.
Data on user activity in the application.
Data on the hardware installed on the device.
Data about all operating system objects and events, including information about user activity.
Data contained in the objects of the operating system (for example, the contents of files that may contain any user personal data).
Network traffic data (for example, the contents of the entry fields on a website, which may include bank card information or any other sensitive data).
Data received from Kaspersky servers (such as the version of the application databases).
Data received from KATA servers.
Data on consumed CPU resources.
Data on consumed RAM resources.
Data about file read and write operations by applications.
Data on the amount of cached information required for the application to work.