Trace files of the Integration Server Console

Information about the operation of the Integration Server Console may be recorded in the following trace files:

• %LOCALAPPDATA%\Kaspersky Lab\Kaspersky VIISLA Console\logs\console.log – Integration Server Console trace file.
• %LOCALAPPDATA%\Kaspersky Lab\Kaspersky VIISLA Console\logs\KasperskyDeployWizard_<file creation date and time>.log file creation date and time > .log – SVM Management Wizard log. The log contains information about SVM deployment, reconfiguration, and removal procedures performed using the SVM Management Wizard.

Completing the SVM procedures for deployment, reconfiguration, and removal procedures using the SVM Management Wizard also generates a brief report. You can open the brief report by clicking the link at the last step of the procedure. The brief report is saved in a temporary file. To be able to use information from the report later, save the log file in a permanent storage location.

By default, recording of information in trace files of the Integration Server Console and in the SVM Management Wizard log is disabled.

You can enable or disable the recording of information in trace files and configure tracing using the %ProgramFiles(x86)%\Kaspersky Lab\Kaspersky VIISLA Console\NLog.config configuration file. Contact Technical Support representatives for details.

Administrator rights are required to edit the configuration file.

By default, trace files of the Integration Server Console are moved to the archive folder at %LOCALAPPDATA%\Kaspersky Lab\Kaspersky VIISLA Console\logs\archives. Files are moved to the archive every day. Up to 7 files are stored in the archive folder. Once this number is reached, older files are deleted.

Access to the folder with Integration Server Console trace files and the archival folder is restricted. For access, you need the rights of a system or local administrator; the user that started the Integration Server Console also has access.

If you change the default folder for storing trace files, Kaspersky Security does not control access to trace files. We recommend protecting the information from unauthorized access.

Data in the Integration Server Console trace file

In addition to general data, the following information may be saved in the Integration Server Console trace file:

• Headers and contents of HTTP requests that are sent and received by the Integration Server during its operation.
• Paths to files of the solution.
• Depending on the type of virtual infrastructure:
  • IP addresses or fully qualified domain names (FQDN) and names of hypervisors or virtual infrastructure administration servers to which the Integration Server connects.
  • IP addresses or fully qualified domain names (FQDN) of the Keystone microservice or other cloud infrastructure microservices to which the Integration Server connects.
  • Information about hypervisors needed for managing SVMs.
  • Information about OpenStack domains and OpenStack projects needed to manage SVMs (including IDs and names of OpenStack domains and OpenStack projects).
• Address of the VMware NSX Manager.
• Information about virtual machines (including IP addresses, IDs, and names of virtual machines).
• Information about navigations through sections of the Integration Server Console and working with interface elements.
• Names of internal Integration Server accounts.
• Names of user accounts that are used to connect the Integration Server to virtual infrastructure objects and the Kaspersky Security Center.
• Address of the device hosting the Kaspersky Security Center Administration Server
• IP address of the device hosting the Integration Server.
• Information about SVMs necessary for management.
• Fingerprints of certificates of virtual infrastructure objects.
• Fingerprints of Integration Server certificates.
• If Kaspersky Security is used in multitenancy mode:
  • information about tenants registered in the Integration Server database (including tenant names, IDs, descriptions, and other information specified by the administrator of the cybersecurity service provider)
  • information about Kaspersky Security Center virtual Administration Servers (including their IDs, directory structure, and names of administrator accounts of virtual servers)
  • Information about virtual machines of tenants: virtual machine names, IDs, IP addresses, and the time periods during which the Light Agent was connected to the SVM

Data in the SVM Management Wizard log

In addition to general data, the following information may be saved in the SVM Management Wizard log:

• Depending on the type of virtual infrastructure:
  • IP addresses or fully qualified domain names (FQDN) and names of hypervisors or virtual infrastructure administration servers to which the Integration Server connects.
  • IP addresses or fully qualified domain names (FQDN) of the Keystone microservice or other cloud infrastructure microservices to which the Integration Server connects.
  • Information about hypervisors needed for managing SVMs.
  • Information about OpenStack domains and OpenStack projects needed to manage SVMs (including IDs and names of OpenStack domains and OpenStack projects).
• Fingerprints of certificates of virtual infrastructure objects.
• Address of the VMware NSX Manager.
• Information about SVMs required for management (including SVM names and IDs, MAC addresses, and the path to the SVM in the hierarchy of the virtual infrastructure).
• If Kaspersky Security is used in multitenancy mode: information about tenants and a list of Kaspersky Security Center virtual Administration Servers.
• Additionally, in the trace file of the SVM deployment procedure:
  • Name of the account used for connecting to the virtual infrastructure.
  • For deployments on the VMware vSphere platform:
    • A list of all VMware ESXi hypervisors managed by a single VMware vCenter Server, their state, the protection status and privileges of the account used to connect to the VMware vCenter Server.
    • A list of VMware ESXi hypervisors that were selected for SVM deployment, and their versions.
  • Path to the SVM image file and information about the SVM image (may include personal data, for example, the last name and first name, if this information is part of the path).
  • SVM image validation status.
  • Path to the installer of the Kaspersky Security Center Network Agent (may include personal data, for example, the last name and first name if this information is part of the path).
  • Other SVM settings that the user specified during deployment (including the address of Kaspersky Security Center and IP addressing settings for the SVM).
  • SVM configuration commands (commands executed over SSH under the klconfig account), including command line arguments, except for passwords.
• Additionally, in the trace file of the SVM reconfiguration procedure:
  • Information on whether or not the reconfiguration will change:
    • Settings of accounts for connecting to SVMs.
    • List of virtual networks used by SVMs.
    • IP addressing settings for SVMs.
  • Address of the device hosting the Kaspersky Security Center Administration Server.
  • SVM configuration commands (commands executed over SSH under the klconfig account), including command line arguments, except for passwords.
• Additionally, in the trace file of the SVM removal procedure, address of the device hosting the Kaspersky Security Center Administration Server.

Data in the brief report of the SVM Management Wizard

The following information may be saved in the brief report of the SVM Management Wizard:

• Depending on the type of virtual infrastructure:
  • Names and addresses of the hypervisors on which SVMs are deployed.
  • Names of the OpenStack domains and OpenStack projects in which the SVMs are deployed.
• SVM names
• Brief description of the completed steps of the deployment, removal, or reconfiguration procedure of each SVM, including the start and end times of each step. If an error occurred during a particular stage, the relevant information is reflected in the report.

Page top