-E: a prefix indicating that the command belongs to the group of commands used for managing application events.
kesl-control -E
This command outputs information about all events in the application event log. You can use the less command to navigate through the list of displayed events.
Command syntax
kesl-control -E
kesl-control -E --query
This command outputs information about events from the application event log. You can use the less command to navigate through the list of displayed events. You can use a filter to output specific events or output a list of events to a file.
Command syntax
kesl-control -E --query "<filter conditions>" [--db <database file>] [-n <number>] --file <file name and path> [--json] [--reverse]
Arguments and keys
<database file> is the full path to the event log database file to output events from. By default, the application saves information about events to the database at /var/opt/kaspersky/kesl/private/storage/events.db. The location of the database is determined by the EventsStoragePath global application setting.
<filter conditions>: one or several logical expressions in the format <field> <comparison operator> '<value >', combined with the help of the logical operator and to limit the results.
<number> – number of the latest events of the selection (number of records from the end of the selection) to be displayed.
--file <file name and path>: the full path to the file to output events to. If you specify the name of a file without specifying its path, the file will be created in the current directory. If a file with the specified name already exists in the specified path, it will be overwritten. If the specified directory cannot be found on the disk, file will not be created.
If you do not specify the --file option, the list of events will be output to the console.
--json: output events in JSON format.
--reverse: display events in reverse order (from the newest event at the top to the oldest at the bottom).