1. Stop Kaspersky Endpoint Security for Linux:

sudo systemctl stop kesl

2. Сheck if the issue persists. If the issue is resolved, move on to step 2. If the issue persists, Kaspersky Endpoint Security for Linux does not cause the issue.

1. Start Kaspersky Endpoint Security for Linux:

sudo systemctl start kesl

2. Proceed to one of the following steps depending on the type of the issue: 
   • If the issue is related to the performance, proceed to step 3. 
   • If the issue is related to the network, move on to step 4.
   • If the issue is related to Kaspersky Security Center, proceed to step 5.
   • In other cases, proceed to step 6.

1. Identify the task that causes the issue. To do so, disable the File Threat Protection (File_Threat_Protection) and Behavior Detection (Behavior_Detection) tasks one by one and check if the issue persists:

sudo kesl-control --stop <taskID>

1. <taskID> is a task identifier. You can learn it by using the sudo kesl-control --get-task-list command.

2. To collect the diagnostic information, restart the task that caused the issue:

sudo kesl-control --start <taskID>

3. Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces for 10-20 minutes. For instructions, see this article. 
4. Go to step 7.

1. Identify the task that causes the issue. To do so, disable the Firewall Management (Firewall_Management), Anti-Cryptor (Anti_Cryptor), Web Threat Protection (Web_Threat_Protection) and Network Threat Protection (Network_Threat_Protection) tasks one by one and check if the issue persists:

sudo kesl-control --stop <taskID>

1. <taskID> is a task identifier. You can learn it by using the sudo kesl-control --get-task-list command.

2. To collect the diagnostic information, restart the task that caused the issue:

sudo kesl-control --start <taskID>

3. Start tcpdump:

sudo tcpdump tcp port 443 -i lo -i <network interface> -w /tmp/kesl.tcpdump

1. <network interface> is a used network interface. You can learn it by using the ifconfig command.

4. Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces. For instructions, see this article. 
5. Go to step 7.

1. Collect the Kaspersky Endpoint Security for Linux traces. For instructions, see this article. 
2. Collect the Network Agent traces. For instructions, see this article. Set the level of detail to 5. To do this, replace the line echo -n 4 > /etc/opt/kaspersky/klnagent/1103/1.0.0.0/Debug/TraceLevel with the following:

echo -n 5 > /etc/opt/kaspersky/klnagent/1103/1.0.0.0/Debug/TraceLevel

4. Collect the Kaspersky Security Center traces. See instructions for Windows and Linux. 
5. Reproduce the issue.
6. Disable the tracing and proceed to step 7.

1. Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces. For instructions, see this article. 
2. Go to step 7.

Submit a request to Kaspersky technical support via Kaspersky CompanyAccount. Please include a detailed description of the issue. Before sending a request, read the required information in the Knowledge Base section. 

Attach all the collected diagnostic information.