About Kaspersky Thin Client logs
Oct 23, 2023
Kaspersky Thin Client maintains two types of logs:
- Event log. This log saves all events registered by Kaspersky Thin Client components. You can view the event log in the Kaspersky Thin Client interface, and forward it to a log server.
- Audit log. This log stores data on the certificates uploaded to Kaspersky Thin Client, and contains information on instances when Kaspersky Security Center was used to enable or disable management of thin clients. The audit log cannot be viewed in the Kaspersky Thin Client interface. You can forward the audit log file to a log server.
The Kaspersky Thin Client event log contains the following information:
- Date and time when the event occurred.
- Name of the Kaspersky Thin Client component that registered the event.
- Event severity. The following values are possible:
- Trace is all possible messages and warnings that occur during application operation.
- Debug is debug messages and all informational and important messages, and all warnings and messages about common and critical errors.
- Info is informational messages, important messages and all warnings, and messages about common and critical errors.
- Warn is all warnings and messages about ordinary and critical errors.
- Error is messages about errors and critical errors in application operation.
- Fatal is messages about critical errors in application operation.
- Debug information in <File>:<Line Number>,<Function> format, where:
- File means file name.
- Line Number is number of the line in the file.
- Function is debug information.
- Process ID and thread ID.
- Product version ID.
The Kaspersky Thin Client audit log contains the following information:
- Upload date and time of the certificate for connecting Kaspersky Thin Client to Kaspersky Security Center.
- Address of the Kaspersky Security Center Administration Server (IP address and/or domain server name).
- Kaspersky Security Center Administration Server port number.
- List of certificate attributes: issuer name, subject name, certificate fingerprint, validity start date and time, validity end date and time, thin client ID.
- Information about incidents when management of Kaspersky Thin Client via the Kaspersky Security Center Web Console was enabled or disabled.