Basic troubleshooting steps in Kaspersky Endpoint Security 11 for Linux
Show applications and versions that this article concerns
- Kaspersky Endpoint Security 11.4.0 for Linux (version 11.4.0.1096)
- Kaspersky Endpoint Security 11.3.0 for Linux (version 11.3.0.7508)
- Kaspersky Endpoint Security 11.3.0 for Linux (version 11.3.0.7441)
- Kaspersky Endpoint Security 11.2.0 for Linux (version 11.2.0.4528)
If you experience any issues while using Kaspersky Endpoint Security for Linux, you can perform diagnostics and try to solve the issue yourself before contacting Kaspersky Technical Support.
For basic steps of troubleshooting Kaspersky Endpoint Security for Linux, see the flowchart. For more information about the steps, see below.
Step 1. Stop Kaspersky Endpoint Security for Linux
- Stop Kaspersky Endpoint Security for Linux:
sudo systemctl stop kesl
- Сheck if the issue persists. If the issue is resolved, move on to step 2. If the issue persists, Kaspersky Endpoint Security for Linux is not the cause of it.
Step 2. Start Kaspersky Endpoint Security for Linux
- Start Kaspersky Endpoint Security for Linux:
sudo systemctl start kesl
- Proceed to one of the following steps depending on the type of the issue:
Step 3. Troubleshoot performance issues
- Identify the task that causes the issue. To do so, disable the File Threat Protection (File_Threat_Protection) and Behavior Detection (Behavior_Detection) tasks one by one and check if the issue persists.
sudo kesl-control --stop <taskID>
- <taskID> is a task identifier. You can learn it by using the sudo kesl-control --get-task-list command.
- To collect the diagnostic information, restart the task that caused the issue:
sudo kesl-control --start <taskID>
- Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces for 10-20 minutes. For instructions, see this article.
- Go to step 7.
Step 4. Troubleshoot network issues
- Identify the task that causes the issue. To do so, disable the Firewall Management (Firewall_Management), Anti-Cryptor (Anti_Cryptor), Web Threat Protection (Web_Threat_Protection) and Network Threat Protection (Network_Threat_Protection) tasks one by one and check if the issue persists.
sudo kesl-control --stop <taskID>
- <taskID> is a task identifier. You can learn it by using the sudo kesl-control --get-task-list command.
- To collect the diagnostic information, restart the task that caused the issue:
sudo kesl-control --start <taskID>
- Start tcpdump:
sudo tcpdump tcp port 443 -i lo -i <network interface> -w /tmp/kesl.tcpdump
- <network interface> is a used network interface. You can learn it by using the ifconfig command.
- When reproducing the issue, collect the Kaspersky Endpoint Security for Linux traces.
- Go to step 7.
Step 5. Troubleshoot the issues related to Kaspersky Security Center
- Collect the Kaspersky Endpoint Security for Linux traces using this instruction.
- Collect the Network Agent traces. Set the level of detail to 5. To do this, replace the line echo -n 4 > /etc/opt/kaspersky/klnagent/1103/1.0.0.0/Debug/TraceLevel with the following:
echo -n 5 > /etc/opt/kaspersky/klnagent/1103/1.0.0.0/Debug/TraceLevel
Step 6. Troubleshoot other issues
- Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces.
- Go to step 7.
Step 7. Complete the troubleshooting
Submit a request to Technical Support through Kaspersky CompanyAccount. Attach all the collected diagnostic information.
