Information in system event log files allows you to trace the process of Kaspersky NGFW software commands execution step by step and to find out the step at which the software runs into an error.
A dump file contains all information about the working memory of Kaspersky NGFW software processes. Creation of dump files in cases of abnormal termination of the Kaspersky NGFW software process is enabled by default. If necessary, the administrator of Kaspersky NGFW can disable dump file creation.
Network dumps file contain all information about network traffic on Kaspersky NGFW captured using the tcpdump utility, pcapdump commands, or the network packet capture functionality an IDPS rule is triggered.
System event, dump and network dump log files are stored in Kaspersky NGFW and deleted in accordance with the relevant rotation policy, manually by the Kaspersky NGFW administrator, or as part of a Kaspersky NGFW factory reset.
The files are not automatically sent to Kaspersky.
System event, dump and network dump log files may contain personal data. We recommend taking steps to protect information from unauthorized access before sending it to Kaspersky.
The solution does not provide for the ability to restrict the rights of users of servers and operating systems on which the Kaspersky NGFW solution is installed. We recommend that the administrator of Kaspersky NGFW control the access of users of servers and operating systems on which the solution is installed to the personal data of other users by any system means at the administrator's discretion.