Sandbox component data

For the processing time, the body of the file sent by the Central Node component is saved in open form on the server hosting the Sandbox component. During processing, the server administrator can access the sent file in Technical Support Mode. The scanned file is deleted by a special script according to the schedule. Once every 60 minutes by default.

Information about the data stored on the server with the Sandbox component is provided in the table below.

Data stored on the server with the Sandbox component

Scope of data

Storage location

Storage duration

Access to data

Scanned files

/var/opt/kaspersky/sandbox/library/

After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours.

User access is defined by the administrator using operating system tools.

File scan results

  • /var/opt/kaspersky/sandbox/library/
  • /tmp/

After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours.

User access is defined by the administrator using operating system tools.

Task settings

  • /var/opt/kaspersky/sandbox/library/
  • Sandbox component database

After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours in the directory /var/opt/kaspersky/sandbox/library/.

Up to 90 days in the Sandbox component database.

User access to the directory /var/opt/kaspersky/sandbox/library/ is defined by the administrator using operating system tools.

A password is required for user authentication in the database. Access to database files is granted only to users who started database processes and users with root privileges.

Access is provided only over an encrypted IPSec channel.

Trace files

/var/log/kaspersky/sandbox/

Up to 21 days.

User access is defined by the administrator using operating system tools.

Only authorized users can perform actions with trace files.

Information about actions with trace files is saved in the application event log.

Settings of the update source

/var/opt/kaspersky/apt-updater

Until modified or deleted.

User access is defined by the administrator using operating system tools.

Minimum password length settings

/var/opt/kaspersky/apt-config-ram-common/validator.conf

Until modified or deleted.

User access is defined by the administrator using operating system tools.

Virtual machines

/vm

Until modified or deleted.

User access is defined by the administrator using operating system tools.

Downloaded images of operating systems and applications in iso format

/var/opt/kaspersky/sandbox/custom_images/iso

Until modified or deleted.

User access is defined by the administrator using operating system tools.

See also

Data provision

Service data of the application

Data of the Central Node and Sensor components

Data transmitted between application components

Data contained in application trace files

Data of Kaspersky Endpoint Agent for Windows

Kaspersky Endpoint Security for Windows data

Kaspersky Endpoint Security for Linux data

Kaspersky Endpoint Security for Mac data

Page top