Trace files of management plug-ins

Trace files of web plug-ins

If you use the Kaspersky Security Center Web Console to manage Kaspersky Security solution components, information about events that occur during operation of the management web plug-ins may be written to the trace files of the web plug-ins:

Web plug-in trace files are created automatically if logging to the Kaspersky Security Center Web Console activity log was enabled during installation of Kaspersky Security Center Web Console. For more information, refer to the Kaspersky Security Center Help.

Web plug-in trace files are saved in the Kaspersky Security Center Web Console installation folder in the logs subfolder:

• /var/opt/kaspersky/ksc-web-console/logs – on devices with Linux operating systems
• %ProgramFiles%\Kaspersky Lab\Kaspersky Security Center Web Console\logs – on devices with Windows operating systems

The following information may be stored in the Integration Server web plug-in trace file:

• Diagnostic information about the operation of the Integration Server Web Console.
• Address of the device hosting the Kaspersky Security Center Administration Server.
• Port numbers for interaction with the Kaspersky Security Center Administration Server through the Kaspersky Security Center Network Agent.
• Description of exclusions and errors that occurred when working with internal subsystems and external services.
• Names of internal Integration Server accounts.
• Names of user accounts that are used to connect the Integration Server to virtual infrastructure objects.
• Certificate for establishing the connection to the Integration Server.
• Depending on the type of virtual infrastructure:
  • IP addresses or fully qualified domain names (FQDN) of hypervisors or virtual infrastructure administration servers to which the Integration Server connects.
  • IP addresses or fully qualified domain names (FQDN) of the Keystone microservice or other cloud infrastructure microservices to which the Integration Server connects.
  • Information about hypervisors needed for managing SVMs.
  • Information about OpenStack domains and OpenStack projects needed for managing SVMs.
• Information about VMware NSX Manager.
• Information about virtual machines (including virtual machine names).
• Settings for connecting Light Agents to SVMs.
• If Kaspersky Security is used in multitenancy mode:
  • Information about tenants registered in the Integration Server database.
  • Information about virtual Kaspersky Security Center Administration Servers (including the names of the administrators of the virtual servers and virtual machine names).
  • Information about virtual machines of tenants.

The following information may be stored in the Protection Server web plug-in trace file:

• Diagnostic information about the operation of the Protection Server web plug-in.
• Description of exclusions and errors that occurred when working with internal subsystems and external services.
• Certificate for connecting the SVM to the Integration Server.
• Private key for establishing a secure connection between the Light Agent and the Protection Server.
• Policy settings.

Trace files of MMC plug-ins

If you use the Kaspersky Security Center Administration Console to manage Kaspersky Security solution components, information about events that occur during operation of the management MMC plug-ins may be written to the following files on the device where the Kaspersky Security Center Administration Server is installed:

• Trace file of the MMC plug-in for managing the Protection Server. The file name is specified by the user, and the user name and process ID (PID) are added to the specified name. This file contains information about the events that occur during the plug-in operation, in particular, about the operation of the Protection Server policy and tasks.
• Trace files for management MMC plug-ins for Light Agent for Linux and Light Agent for Windows (applications running in Light Agent mode). The file names contain the application version number, the date and time the file was created, and the process identifier (PID). This file records information about events that occur during operation of the plug-in, in particular, about the operation of tasks and the Light Agent policy.

In addition to general data, MMC plug-in trace files may contain the following information:

• Personal data, including the last name, first name, and middle name, if such data is part of the path to files.
• The name of the account used to log in to the operating system if the user account name is part of a file name.

By default, trace files of Kaspersky Security MMC plug-ins are not created. You can create all trace files of the MMC plug-ins by using the registry keys. Contact Technical Support representatives for detailed information on how to create trace files.

All created MMC plug-in trace files are located in the %ProgramData%\Kaspersky Lab\Plugins\ folder.

The trace files of the management plug-ins are saved in a human-readable format. It is recommended that you ensure that information is protected against unauthorized access before it is sent to Kaspersky.

The trace files of the management plug-ins are not sent to Kaspersky automatically. Trace files are automatically deleted when Kaspersky Security is uninstalled.

Page top