Logging configuration file

This section describes properties of the kave.ini logging configuration file. The kave.ini logging configuration file defines the logging settings for Kaspersky Anti-Virus Engine.

Logging settings for the kavicapd/kavhttpd service and Kaspersky Anti-Virus Engine are synchronized on start and restart of the klScanEngineUI service. Kaspersky Scan Engine sets the logging level (WriteLog) and log directory (LogsFolder) in kave.ini to be the same as specified in the DebugLogging section of icapdkavlog.conf (for ICAP mode) or httpdkavlog.ini (for HTTP mode).

The following table describes properties of the kave.ini logging configuration file.

Logging configuration file properties

Property

Description

Append

Specifies whether previous log files are kept intact or are deleted on each initialization of Kaspersky Scan Engine.

Possible values:

  • 0

    Automatically remove existing log files.

    Existing log files in the log directory are automatically removed when Kaspersky Scan Engine is initialized.

  • 1

    Keep existing log files.

    Kaspersky Scan Engine writes logging information to new log files, each corresponding to a specific process. The option does not make the Kaspersky Scan Engine append information to an existing log.

SizeLimit

Only for Windows platforms. On Unix-like platforms, this parameter is ignored even if it is specified in kave.ini.

Sets the maximum possible size of a log file in megabytes.

Possible values:

Any positive integer in the range 0 to 4095.

Special cases:

  • 0

    No limit for the size of a log file. The log files can grow indefinitely.

Setting the limit to a non-zero value automatically turns on the append mode regardless of the value specified for the Append property.

WriteLog

Logging level.

Recommended values:

  • 0

    Logging is disabled.

  • 9

    Debug level.

Using other values is not recommended.

LogsFolder

Path to the log directory.

Do not enclose the path in quotation marks and do not use the escape sequence for whitespace.

Possible values:

Relative path

A path is calculated relative to the directory that contains the kave.ini logging configuration file.

If you specify a nonexistent directory, log files are created in a directory that contains the binary file of the service in use (kavhttpd in HTTP mode, and kavicapd in the ICAP mode).

Absolute path

If you specify a nonexistent directory, log files are created in a directory that contains the binary file of the service in use (kavhttpd in HTTP mode, and kavicapd in the ICAP mode).

Local path

The directory that contains kave.ini. A local path can be specified by either setting the value of the LogsFolder parameter to "." (without quotation marks) or leaving the value blank.

The full custom path for the log files must not exceed the limit of 260 characters, applied by MAX_PATH macro.
This integer number does not include additional length restrictions such as a null terminator used in C strings and other restrictions imposed by platforms: for example, when the file system stores an additional short name in 8.3 format with the original file name, to maintain compatibility with legacy applications.

Syslog

This property specifies whether Kaspersky Scan Engine sends logging data to a syslog daemon.

When using a syslog daemon, you can write logging data to log files, other programs, or redirect them to another host, as configured the configuration file for the syslog daemon.

Possible values:

  • 0

    Do not send syslog messages to the syslog daemon. Logging data is written directly to the location specified in the LogsFolder parameter.

  • 1

    Redirect logging data to a syslog daemon. In this case, logging data is stored at the location specified in the configuration file of the syslog daemon. The value of the LogsFolder parameter is ignored.

Before redirecting logging data to a syslog daemon, make sure to configure your syslog daemon for debug logging. Add the following line to the syslog.conf configuration file:
*.=debug -/var/log/debug
The syslog configuration file is typically located at /etc/syslog.conf and controls the output of the syslogd daemon.

Remarks

In some cases, your technical account manager (TAM) may ask you to enable advanced logging. Advanced logging may help Kaspersky specialists investigate troublesome issues.

To enable advanced logging:

  1. Open the kave.ini file (create a new one in the folder with kavehost binary if needed)
  2. In the Logging section add the BssLogsFolder option and specify a location to store the files with advanced logging data.

    This location must be separate from your standard logging data location (specified in LogsFolder).

Examples

The following example lists a sample configuration file for each of the target platforms.

The following sample configuration file may be used on a UNIX-like platform.

[LOGGING]

WriteLog=9

Append=0

LogsFolder=./logs

Syslog=0

Page top