This section describes the values of the general settings of Kaspersky Industrial CyberSecurity for Linux Nodes configuration file (see the table below).
General application settings
Setting |
Description |
Values |
---|---|---|
|
Directory that stores the Samba configuration file. The Samba configuration file is required to ensure that the |
The standard directory of the SAMBA configuration file on the computer is specified by default. Default value: /etc/samba/smb.conf. The application must be restarted after this setting is changed. |
|
The directory where the NFS configuration file is stored. The NFS configuration file is required to ensure that the |
The standard directory of the NFS configuration file on the computer is specified by default. Default value: /etc/exports. The application must be restarted after this setting is changed. |
|
Enables trace file generation and specifies the level of detail of the trace file. |
|
|
The directory that stores the application's trace files. Trace files contain information about the operating system, and may also contain personal data.
|
Default value: /var/log/kaspersky/kics If you specify a different directory, make sure that the account under which Kaspersky Industrial CyberSecurity for Linux Nodes is running has read/write permissions for this directory. Root privileges are required to access the default trace files directory. The application must be restarted after this setting is changed. |
|
Specifies the maximum number of application trace files.
|
The default value is The application must be restarted after this setting is changed. |
|
Specifies the maximum size of an application trace file (in megabytes). |
The default value is The application must be restarted after this setting is changed. |
|
Blocks access to files for which the full path length exceeds the defined settings value specified in bytes. If the length of the full path to the scanned file exceeds the value of this setting, virus scan tasks skip this file during scanning. This setting is not available for operating systems that use the fanotify technology. |
The default value is After changing the value of this setting, the File Threat Protection task needs to be restarted. |
|
Enable detection of legitimate software that could be used by intruders to harm computers or user data. |
|
|
Enable scanning of namespaces and containers. |
|
|
Mode for intercepting files when the File Threat Protection task is running. This setting also affects the operation of the Anti-Cryptor, Device Control and Removable Drive Scan. |
If the |
|
|
|
|
Enables Managed Detection and Response. |
|
|
Enabling proxy server usage by Kaspersky Industrial CyberSecurity for Linux Nodes components. A proxy server can be used to communicate with Kaspersky Security Network, to activate the application, when updating the application databases and modules, and when integrating with Kaspersky Industrial CyberSecurity for Networks. |
|
|
Proxy server settings in the format [user[:password]@]host[:port]. When connecting via an HTTP proxy, we recommend to use a separate account that is not used to sign in to other systems. An HTTP proxy uses an insecure connection, and the account may be compromised. |
— |
|
The maximum number of events stored by the application. When the specified number of events is exceeded, the application deletes the oldest events. |
The default value is If |
|
The maximum number of Scan_File tasks that a non-privileged user can simultaneously start on a computer. This parameter does not limit the number of tasks that a user with root privileges can start. |
The default value is If If you installed the graphical user interface package when installing the application, the default value of the |
|
Enable logging of information about events to syslog Root privileges are required to access syslog. |
|
|
The database directory where the application saves information about events. Root privileges are required to access the default event database. |
Default value: /var/opt/kaspersky/kics/private/storage/events.db. |
|
The mount point to be excluded from the scan scope for tasks that use a file operation interceptor (File Threat Protection and Anti-Cryptor). You can specify several mount points to be excluded from scans. Mount points must be specified in the same way as they are displayed in the The |
|
|
Exclude process memory from scans. The application does not scan the memory of the indicated process. |
|