Kaspersky Endpoint Security commands
January 20, 2022
ID 199361
You can modify the values of Kaspersky Endpoint Security settings from the command line.
The following are the rules for using Kaspersky Endpoint Security commands:
- Be case-sensitive.
- Separate keys with a space character.
- When using the full name of a command or key, enter the value after an equal (=) character.
Example:
Specify the
URL
setting value for the custom update source of the update task (ID=6) from the command line:kesl-control --set-settings 6
SourceType=Custom CustomSources.item_0000.URL=http://site.domain/path CustomSources.item_0000.Enabled=Yes
Displaying Kaspersky Endpoint Security command Help
--help
Displays Help for Kaspersky Endpoint Security commands.
Display Kaspersky Endpoint Security events
-W
Enables the display of Kaspersky Endpoint Security events.
Commands for managing Kaspersky Endpoint Security settings and tasks
-T
Prefix indicating that the command belongs to the group of commands used for managing Kaspersky Endpoint Security settings / managing tasks (optional).
[-S] --app-info
Displays general information about Kaspersky Endpoint Security.
[-Т] --get-app-settings --file <file name and directory>
Returns the general settings of Kaspersky Endpoint Security.
[-T] --set-app-settings --file <file name and directory>
Sets the general settings of Kaspersky Endpoint Security.
[-T] --get-task-list
Returns the list of existing Kaspersky Endpoint Security tasks.
[-T] --get-task-state <task ID>|<task name>
Displays the status of the specified task.
[-T] --create-task <task name> --type <task type> --file <file name and directory>
Creates a task of the specified type; imports the settings from the specified configuration file into the task.
[-T] --delete-task <task ID>|<task name>
Deletes the task.
[-T] --start-task <task ID>|<task name> [-W] [--progress] [--file <file name and directory>]
Starts the task.
[-T] --stop-task <task ID>|<task name>
Stops the task.
[-T] --suspend-task <task ID>|<task name>
Suspends the task. The Update task cannot be suspended.
[-T] --resume-task <task ID>|<task name>
Resumes the task. The Update task cannot be resumed.
[-T] --get-settings <task ID>|<task name> --file <file name and directory>
Returns task settings.
[-T] --set-settings <task ID>|<task name> [<parameters>] [--file <file name and directory>] [--add-path <path>] [--del-path <path>] [--add-exclusion <exclusion>] [--del-exclusion <exclusion>]
Sets task settings.
[-T] --scan-file <path> [--action <action>]
Creates and starts a temporary Scan_File
task.
[-T] --import-settings --file <full path to configuration file>
Imports the application setting to the configuration file.
[-T] --update-application
Updates the application.
[-S] --omsinfo --file <path>
Creates a file in JSON format for integration with Microsoft Operations Management Suite.
Key management commands
-L
Prefix indicating that the command belongs to the group of commands used to manage keys.
[-L] --install-active-key <activation code>|<key file>
Adds the active key.
[-L] --install-additional-key <activation code>|<key file>
Adds the reserve key.
[-L] --revoke-active-key
Removes the active key.
[-L] --revoke-additional-key
Removes the reserve key.
[-L] --query
Displays information about the key.
Commands for Firewall Management task
[-F] --add-rule [--name <string>] [--action <action>] [--protocol <protocol>] [--direction <directory>] [--remote <remote>] [--local <local>] [--at <index>]
Adds a new rule.
[-F] --del-rule [--name <string>] [--index <index>]
Deletes a rule.
[-F] --move-rule [--name <string>] [--index <index>] [--at <index>]
Changes the rule priority.
[-F] --add-zone [--zone <zone>] [--address <address>]
Adds an IP address to the zone.
[-F] --del-zone [--zone <zone>] [--address <address>] [--index <index>]
Deletes an IP address from the zone.
-F --query
Displays information.
Commands for Anti-Cryptor task
[-H] --get-blocked-hosts
Displays a list of blocked hosts.
[-H] --allow-hosts
Unblocks untrusted hosts.
Commands for managing Storage
-B
Prefix indicating that the command belongs to the group of commands used to manage Storage.
[-B] --mass-remove --query
Clears the Storage, fully or selectively.
[-B] --query "<logical expression>"
Displays information about objects in Storage.
[-B] --restore <object ID> --file <file name and directory>
Restores an object from Storage.
Commands used to manage the event log
-E
Prefix indicating that the command belongs to the group of commands used to manage the event log.
[-E] --query --limit --offset
--file <file name and directory>
--db <db file>
Maximum number of events for which information is displayed.
--query
Returns information about the filtered events from the event log or the specified log rotation file.
--offset
Number of records by which to offset from the start of the sample.
--db
Database file name.
Task schedule management commands
[-T] --set-schedule <task ID>|<task name> --file <file name and directory>
Sets the task schedule settings or imports them from the configuration file into the task.
[-T] --get-schedule <task ID>|<task name> --file <file name and directory>
Returns the task schedule settings.
RuleType=Once|Monthly|Weekly|Daily|Hourly|Minutely|Manual|PS|BR
Task launch schedule.
PS
—Start the task after starting Kaspersky Endpoint Security.
BR
—Start the task after anti-virus databases are updated.
StartTime=[year/month/month_day] [hh]:[mm]:[ss]; [<month_day>|<week_day>]; [<period>]
Task start time.
RandomInterval=<min.>
Task run interval, if several tasks are running at the same time (in minutes).
ExecuteTimeLimit=<min.>
Limit the duration of task execution (in minutes). If 0 is specified, the task execution is not limited.
RunMissedStartRules
Enables or disables the start of a skipped task after Kaspersky Endpoint Security is started.
Examples: To schedule the task to start every ten hours, specify the following parameters:
To schedule the task to start every ten minutes, specify the following parameters:
To schedule the task to start on the 15th of every month, specify the following parameters:
To schedule the task to start on every Tuesday, specify the following parameters:
To schedule the task to start every 11 days, specify the following parameters:
|