Configuring the On-demand Scan task
Oct 22, 2023
For the on-demand scan tasks of the ODS and ContainerScan types, scan exclusions can be configured as described for the File Threat Protection task, but exclusion of the mount points is not applicable.
The on-demand scan tasks have the
ScanPriority setting, which allows you to specify how the application allocates system resources for running tasks.
Idle– no more than 10% load on one processor (regardless of whether it is busy or not).
Normal– 50% load on all available processors.
High– without limitations.
Limitations on the processor load also reduce resource consumption by the disk subsystem input/output.
To specify the Idle priority for a task, execute the following command:
kesl-control --set-settings <
Setting the memory usage limits when unpacking archives
The on-demand scan task uses RAM to unpack archives when scanning the archives recursively. By default, the application's limit is 40% of all available RAM, but not less than 2 GB. Therefore, if the system has more than 5 GB of RAM, you can manually set the memory usage limit. This is especially useful for the servers that have hundreds of gigabytes of RAM.
To specify a limit on memory use when scanning:
- Stop Kaspersky Endpoint Security.
- Open the /var/opt/kaspersky/kesl/common/kesl.ini file for editing.
- Add the
ScanMemoryLimitsetting with the required value (for example, 8192) to the
- Start Kaspersky Endpoint Security.
ScanMemoryLimit setting limits the amount of memory used when scanning files, but not the total amount of memory used by the application. So, the total amount of memory can be greater than the value specified by this setting.