Enabling, configuring, and disabling trace logs. KAVSHELL TRACE
October 25, 2023
KAVSHELL TRACE command can be used to enable and disable the trace log for all Kaspersky Embedded Systems Security for Windows subsystems and to set the log detail level.
Kaspersky Embedded Systems Security for Windows writes information to trace files and the dump file in unencrypted form.
KAVSHELL TRACE command syntax
KAVSHELL TRACE </ON /F:<
path to folder with trace files
maximum size of the log file in megabytes
>] [/LVL: debug|info|warning|error|critical] [/r: <
maximum number of trace files to rotate
>] | /OFF>
If the trace log is enabled and you wish to change its settings, enter the
KAVSHELL TRACE command with the /ON option and use the /S and /LVL parameters to specify the trace log settings (see the table below).
KAVSHELL TRACE command keys
Enables the trace log.
This parameter specifies the full path to the folder where trace log files will be saved (required).
If a path to a non-existent folder is specified, no trace log will be created. Paths to folders on the network drives of other protected devices cannot be specified.
If the path specified by the parameter has a space, it needs to be enclosed in quotes, for example, /F:"C:\Trace Folder".
System environment variables can be used when specifying the path to the trace log files; user environment variables are not allowed.
This key sets the maximum size of a single trace log file. As soon as the log file reaches the maximum size, Kaspersky Embedded Systems Security for Windows will start recording information in a new file; the previous log file will be saved.
If the value of this parameter is not specified, the maximum size of one log file will be 50 MB.
This parameter sets the log detail level from maximum (All debug information), in which all events are recorded in the log, to minimum (Critical events), in which only critical events are recorded.
If this parameter is not specified, all events included in the All debug information level of detail will be recorded in the trace log.
This option enables rotation of trace files. If trace file rotation is enabled and the <
Available values: from 1 to 999. If no value is specified, trace file rotation is not enabled and the application returns an error.
This option disables the trace log.
KAVSHELL TRACE command example
To enable the trace log using the All debug information level of detail and a maximum log size of 200MB, saving the log file to the "C:\Trace Folder" folder, execute the command:
KAVSHELL TRACE /ON /F:"C:\Trace Folder" /S:200
To enable the trace log using the Important events level of detail, saving the log file to the "C:\Trace Folder" folder, execute the command:
KAVSHELL TRACE /ON /F:"C:\Trace Folder" /LVL:warning
To enable the trace log using the Important events level of detail, save the log file to C:\Trace Folder, and enable trace file rotation upon reaching a maximum of 50 files, execute the following command:
KAVSHELL TRACE /ON /F:"C:\Trace Folder" /LVL:warning /r:50
To disable the trace log, execute the command:
KAVSHELL TRACE /OFF