Configuring logging in ICAP mode

In ICAP mode, Kaspersky Scan Engine can log its activity. Logging settings are specified in the icapdkavlog.conf configuration file (hereinafter referred to as the logging configuration file), located in the /opt/kaspersky/ScanEngine/bin directory.

You can change the logging settings after the kavicapd service is started.

Elements of the logging configuration file

Kaspersky Scan Engine can write debug logs and send syslog messages at the same time or separately.

Sending syslog messages is available starting from Kaspersky Scan Engine version 1.0.1.51.

Structure of the logging configuration file

Following is an example of a logging configuration file:

<?xml version="1.0"?>

<Logging>

<DebugLogging>

<Level>debug</Level>

<File size_limit="10" folder="./logs" clear_folder="1"/>

</DebugLogging>

<SyslogLogging>

<SyslogEnabled>%ENABLED%</SyslogEnabled>

<Syslog destination=”%IP:PORT%|localhost|Path” format=”cef|raw”/>

</SyslogLogging>

</Logging>

Page top