Basic troubleshooting steps in Kaspersky Endpoint Security 11 for Linux
If you experience any issues while using Kaspersky Endpoint Security for Linux, you can perform diagnostics and try to solve the issue yourself before contacting Kaspersky Technical Support.
For basic steps of troubleshooting Kaspersky Endpoint Security for Linux, see the flowchart. For more information about the steps, see below.
Step 1. Stop Kaspersky Endpoint Security for Linux
- Stop Kaspersky Endpoint Security for Linux:
sudo systemctl stop kesl
- Сheck if the issue persists. If the issue is resolved, move on to step 2. If the issue persists, Kaspersky Endpoint Security for Linux does not cause the issue.
Step 2. Start Kaspersky Endpoint Security for Linux
- Start Kaspersky Endpoint Security for Linux:
sudo systemctl start kesl
- Proceed to one of the following steps depending on the type of the issue:
Step 3. Troubleshoot performance issues
- Identify the task that causes the issue. To do so, disable the File Threat Protection (File_Threat_Protection) and Behavior Detection (Behavior_Detection) tasks one by one and check if the issue persists:
sudo kesl-control --stop <taskID>
- <taskID> is a task identifier. You can learn it by using the sudo kesl-control --get-task-list command.
- To collect the diagnostic information, restart the task that caused the issue:
sudo kesl-control --start <taskID>
- Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces for 10-20 minutes. For instructions, see this article.
- Go to step 7.
Step 4. Troubleshoot network issues
- Identify the task that causes the issue. To do so, disable the Firewall Management (Firewall_Management), Anti-Cryptor (Anti_Cryptor), Web Threat Protection (Web_Threat_Protection) and Network Threat Protection (Network_Threat_Protection) tasks one by one and check if the issue persists:
sudo kesl-control --stop <taskID>
- <taskID> is a task identifier. You can learn it by using the sudo kesl-control --get-task-list command.
- To collect the diagnostic information, restart the task that caused the issue:
sudo kesl-control --start <taskID>
- Start tcpdump:
sudo tcpdump tcp port 443 -i lo -i <network interface> -w /tmp/kesl.tcpdump
- <network interface> is a used network interface. You can learn it by using the ifconfig command.
- Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces. For instructions, see this article.
- Go to step 7.
Step 5. Troubleshoot the issues related to Kaspersky Security Center
- Collect the Kaspersky Endpoint Security for Linux traces. For instructions, see this article.
- Collect the Network Agent traces. For instructions, see this article. Set the level of detail to 5. To do this, replace the line echo -n 4 > /etc/opt/kaspersky/klnagent/1103/1.0.0.0/Debug/TraceLevel with the following:
echo -n 5 > /etc/opt/kaspersky/klnagent/1103/1.0.0.0/Debug/TraceLevel
Step 6. Troubleshoot other issues
- Reproduce the issue and collect the Kaspersky Endpoint Security for Linux traces. For instructions, see this article.
- Go to step 7.
Step 7. Complete the troubleshooting
Submit a request to Kaspersky technical support via Kaspersky CompanyAccount. Please include a detailed description of the issue. Before sending a request, read the required information in the Knowledge Base section.
Attach all the collected diagnostic information.