General application settings

General application settings define the operation of the application as a whole and the operation of individual functions.

Setting	Description	Values
`SambaConfigPath`	Directory that stores the Samba configuration file. The Samba configuration file is required to ensure that the `AllShared` or `Shared:SMB` values can be used for the `Path` setting.	The standard directory of the SAMBA configuration file on the computer is specified by default. Default value: /etc/samba/smb.conf. The application must be restarted after this setting is changed.
`NfsExportPath`	The directory where the NFS configuration file is stored. The NFS configuration file is required to ensure that the `AllShared` or `Shared:NFS` values can be used for the `Path` setting.	The standard directory of the NFS configuration file on the computer is specified by default. Default value: /etc/exports. The application must be restarted after this setting is changed.
`TraceLevel`	Enable application tracing and the level of detail in the trace files.	`Detailed` – Generate a detailed trace file. `MediumDetailed` – Generate a trace file that contains informational messages and error messages. `NotDetailed` – Generate a trace file that contains error messages. `None` (default value) — Do not generate a trace file.
`TraceFolder`	The directory that stores the application trace files.	Default value: /var/log/kaspersky/kics If you specify a different directory, make sure that the account under which Kaspersky Industrial CyberSecurity for Linux Nodes is running has read/write permissions for that directory. Root privileges are required to access the default trace files directory. The application must be restarted after this setting is changed.
`TraceMaxFileCount`	Maximum number of application trace files.	1–10000 Default value: 10. The application must be restarted after this setting is changed.
`TraceMaxFileSize`	Specifies the maximum size of an application trace file (in megabytes).	1–1000 Default value: 500. The application must be restarted after this setting is changed.
`BlockFilesGreaterMaxFileNamePath`	Blocks access to files for which the full path length exceeds the defined settings value specified in bytes. If the length of the full path to the scanned file exceeds the value of this setting, scan tasks skip this file during scanning. This setting is not available for operating systems that use the fanotify technology.	4096–33554432 Default value: 16384. After changing the value of this setting, the File Threat Protection task needs to be restarted.
`DetectOtherObjects`	Enable detection of legitimate applications that intruders can use to compromise devices or data.	`Yes`: enable detection of legitimate applications that intruders can use to compromise devices or data. `No` (default): disable detection of legitimate applications that intruders can use to compromise devices or data.
`NamespaceMonitoring`	Enable scanning of namespaces and containers. The application does not scan namespaces and containers unless components for working with containers and namespaces are installed in the operating system.	`Yes` (default value) — Enable scanning of namespaces and containers. `No` — Disable scanning of namespaces and containers.
`FileBlockDuringScan`	Enabling the file operation intercept mode with blocking access to files for the duration of the scan. The file operation interception mode affects the File Threat Protection and Device Control components.	`Yes` to block access to files for the duration of the scan. `No` (default value) to allow access to files during the scan. Requests to any file is allowed, scanning is done asynchronously.
`UseKSN`	Enabling Kaspersky Security Network usage:	`Basic` - enable use of Kaspersky Security Network in standard mode. `Extended` - enable use of Kaspersky Security Network in extended mode. `No` (default value) — disable use of Kaspersky Security Network.
`CloudMode`	Enable cloud mode. Cloud mode is available if use of KSN is enabled. If you plan to use cloud mode, make sure KSN is available on your device.	`Yes` – enable the operating mode in which Kaspersky Industrial CyberSecurity for Linux Nodes uses a lightweight version of the anti-malware databases. `No` (default value) – use the full version of the anti-malware databases. Cloud mode is disabled automatically if use of KSN is disabled.
`UseMDR`	Enabling the Managed Detection and Response component for integration with Kaspersky Managed Detection and Response.	`Yes` to enable the Managed Detection and Response component. `No` (default value) – disable the Managed Detection and Response component.
`UseProxy`	Enabling proxy server usage by Kaspersky Industrial CyberSecurity for Linux Nodes components. The proxy server can be used to activate the application, when updating databases and application modules, for interaction with Kaspersky Security Network and with Kaspersky Industrial CyberSecurity for Networks.	`Yes` - enable the use of a proxy server. `No` (default) - Disable the use of a proxy server. If `Yes` is selected, integration with Kaspersky Industrial CyberSecurity for Networks is performed through a proxy server.
`ProxyServer`	Proxy server settings in the following format: `<connection protocol>://`[`<user>[:<password>]@]<proxy server address>[:<port>`]. When connecting via an HTTP proxy, we recommend to use a separate account that is not used to sign in to other systems. An HTTP proxy uses an insecure connection, and the account may be compromised.	—
`MaxEventsNumber`	The maximum number of events stored by the application. When the specified number of events is exceeded, the application deletes the oldest events.	Default value: 500000. If 0 is specified, events are not saved.
`LimitNumberOfScanFileTasks`	The maximum number of custom scan tasks that a non-privileged user can simultaneously start on the device. This setting does not limit the number of tasks that a user with root privileges can start.	0–4294967295 Default value: 0. If 0 is specified, a non-privileged user cannot start custom scan tasks. If you installed the graphical user interface package when installing the application, the `LimitNumberOfScanFileTasks` settings has the default value `5`.
`UseSyslog`	Enable logging of information about events to syslog Root privileges are required to access syslog.	`Yes` — Enable logging of information about events to syslog. `No` (default value) — Disable logging of information about events to syslog.
`SyslogFormatType`	Format for recording events in syslog if `UseSyslog=yes`.	`cef` to log events in CEF format. When this format is selected, only detection events are recorded. `json` (default) to log events in syslog in JSON format. When this format is selected, all events are recorded.
`EventsStoragePath`	The database directory where the application saves information about events. Root privileges are required to access the default event database.	Default value: /var/opt/kaspersky/kics/private/storage/events.db.
`ExcludedMountPoint.item_#`	The mount point to exclude from the scan scope. The exclusion applies to the operation of the File Threat Protection, Anti-Cryptor, and Container Monitoring components and the Removable Drives Scan task, and is also configured in the operation of ODS and ContainerScan scan tasks. You can specify several mount points to be excluded from scans. Mount points must be specified in the same way as they are displayed in the `mount` command output. The `ExcludedMountPoint.item_#` setting is left unspecified by default.	`AllRemoteMounted` — Exclude all remote directories mounted on the device using SMB and NFS protocols from file operation interception. `Mounted:NFS` — Exclude all remote directories mounted on the device using the NFS protocol from file operation interception. `Mounted:SMB` — Exclude all remote directories mounted on the device using the SMB protocol from file operation interception. `Mounted:<file system type>` — Exclude all mounted directories with the specified file system type from file operation interception. `/mnt` — Exclude objects in the /mnt mount point (including subdirectories) from file operation interception. This directory is used as the temporary mount point for removable drives. `<path that contains the` `/mnt/user` `or` `/mnt//user_share>` — Exclude objects in mount points whose names contain the specified mask from file operation interception. You can use the `` (asterisk) character to create a file or directory name mask. You can indicate a single `` character to represent any set of characters (including an empty set) preceding the `/` character in the file or directory name. For example, `/dir//file` or `/dir///file`. You can indicate two consecutive `` characters to represent any set of characters (including an empty set and the `/` character) in the file or directory name. For example, `/dir//file/` or `/dir/file/`. The `` mask can be used only once in a directory name. For example, `/dir///file` is an incorrect mask. To exclude the mount point `/dir`, you need to specifically indicate `/dir` (no asterisk). The mask `/dir/` excludes all mount points at the level below `/dir` but not `/dir` itself. The `/dir/*` mask excludes all mount points below the level of `/dir` but not `/dir` itself. You can use a single `?` character to represent any one character in the file or directory name.
`MemScanExcludedProgramPath.item_#`	Exclude process memory from scans. The application does not scan the memory of the indicated process.	`<full path to process>` – Do not scan the process in the indicated local directory. You can use masks to specify the path. You can use the `` (asterisk) character to create a file or directory name mask. You can indicate a single `` character to represent any set of characters (including an empty set) preceding the `/` character in the file or directory name. For example, `/dir//file` or `/dir///file`. You can indicate two consecutive `` characters to represent any set of characters (including an empty set and the `/` character) in the file or directory name. For example, `/dir/*/file/` or `/dir/file/`. The `` mask can be used only once in a directory name. For example, `/dir///file` is an incorrect mask. You can use a single `?` character to represent any one character in the file or directory name.
`UseOnDemandCPULimit`	Enables CPU usage limits for tasks of the following types: ODS, ContainerScan, and InventoryScan.	`Yes`: enable the CPU usage limit for ODS, ContainerScan, and InventoryScan tasks. `No` (default): disable CPU usage limits for tasks.
`OnDemandCPULimit`	Maximum utilization of all processor cores (as a percentage) for tasks of the following types: ODS, ContainerScan, and InventoryScan.	Integer value from 10 to 100. Default value: 100.
`UseEdrOptimum`	Enabling the EDR Optimum component for integration with Kaspersky Endpoint Detection and Response Optimum.	`Yes` – Enable the EDR Optimum component. `No` (default) – Disable the EDR Optimum component.

Page top