Support

Support for business applications

Kaspersky Anti Targeted Attack (KATA) Platform

Data provision

Sandbox component data

Kaspersky Anti Targeted Attack (KATA) Platform
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Forum Contact support Recovery tools

Sandbox component data

April 2, 2024

ID 176763

For the processing time, the body of the file sent by the Central Node component is saved in open form on the server hosting the Sandbox component. During processing, the server administrator can access the sent file in Technical Support Mode. The scanned file is deleted by a special script according to the schedule. Once every 60 minutes by default.

Information about the data stored on the server with the Sandbox component is provided in the table below.

Data stored on the server with the Sandbox component

Scope of data

Storage location

Storage duration

Access to data

Scanned files

/var/opt/kaspersky/sandbox/library/

After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours.

User access is defined by the administrator using operating system tools.

File scan results
  • /var/opt/kaspersky/sandbox/library/
  • /tmp/

After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours.

User access is defined by the administrator using operating system tools.

Task settings
  • /var/opt/kaspersky/sandbox/library/
  • Sandbox component database

After the Central Node component receives the scan results or until automatic deletion, but no more than 24 hours in the directory /var/opt/kaspersky/sandbox/library/.

Up to 90 days in the Sandbox component database.

User access to the directory /var/opt/kaspersky/sandbox/library/ is defined by the administrator using operating system tools.

A password is required for user authentication in the database. Access to database files is granted only to users who started database processes and users with root privileges.

Access is provided only over an encrypted IPSec channel.

Trace files

/var/log/kaspersky/sandbox/

Up to 21 days.

User access is defined by the administrator using operating system tools.

Only authorized users can perform actions with trace files.

Information about actions with trace files is saved in the application event log.

Settings of the update source

/var/opt/kaspersky/apt-updater

Until modified or deleted.

User access is defined by the administrator using operating system tools.

Minimum password length settings

/var/opt/kaspersky/apt-config-ram-common/validator.conf

Until modified or deleted.

User access is defined by the administrator using operating system tools.

Virtual machines

/vm

Until modified or deleted.

User access is defined by the administrator using operating system tools.

Downloaded images of operating systems and applications in iso format

/var/opt/kaspersky/sandbox/custom_images/iso

Until modified or deleted.

User access is defined by the administrator using operating system tools.

See also

Data provision

Service data of the application

Data of the Central Node and Sensor components

Data transmitted between application components

Data contained in application trace files

Data of Kaspersky Endpoint Agent for Windows

Kaspersky Endpoint Security for Windows data

Kaspersky Endpoint Security for Linux data

Kaspersky Endpoint Security for Mac data

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.