How to enable traces in Kaspersky Embedded Systems Security 3.x
This article concerns:all version of Kaspersky Embedded Systems Security 3.
When creating a request to Kaspersky technical support, you may be asked to collect and attach trace files that may help find the step at which an error occurs.
Kaspersky Embedded Systems Security writes the information to trace and dump files unencrypted. The folder to which the files are saved is selected by the user and controlled by the settings of the operating system and Kaspersky Embedded Systems Security. You can change the permissions and allow access to log folders only for selected users.
How to enable traces through the console
You cannot change the settings through the console if making changes is not allowed by the active Kaspersky Security Center policy.
- Make sure there is enough free space on the disk before you enable traces.
- Open the console, right-click the Kaspersky Embedded Systems Security node and select properties.
- Open the Malfunction diagnosis tab.
- Select the check box Write debug information to trace file and specify the path to the folder to which trace files will be saved.
Do not use network drives of the server or drives created using the subst command.
- Adjust the parameters if needed:
- Level of detail
- Maximum size of trace files
- Maximum number of files for one trace log
- Debugged components (separate component codes with commas; the field is case-sensitive)
- Select the check box Create crash dump file and specify the path to the folder to which dump files will be saved.
- Click OK.
Debugging information of each process of Kaspersky Embedded Systems Security is saved to a separate trace file in a specified folder. When the maximum size of the trace file is reached, the new file is created and the old one is saved.
Do not leave the trace collection enabled for a long time. It may affect the server performance.
Subsystem codes in Kaspersky Embedded Systems Security
|Subsystem code||Subsystem name||Tracing start|
|gui||User interface subsystem, an application snap-in Microsoft Management Console (MMS).||Upon restart of the console.|
|ak_conn||Subsystem for integration with Network Agent.||Upon restart of Network Agent.|
|bl||Controller process Implements application management.||Upon saving the tracing settings.|
|wp||Operation process responsible for antivirus protection tasks|
|blgate||Remote application management process.|
|ods||On-Demand Scan subsystem|
|oas||Real-Time Protection subsystem|
|qb||Quarantine and backup storage subsystem|
|scandll||Auxiliary virus scan module|
|core||Basic antivirus functionality subsystem|
|avscan||Antivirus processing subsystem|
|avserv||Antivirus kernel control subsystem|
|prague||Basic functionality subsystem|
|updater||Subsystem responsible for database and application module updates|
|snmp||SNMP protocol support subsystem||Upon restart of the SNMP service|
|perfcount||Performance count subsystem||Upon restart of all processes which use performance counts|
The gui subsystem code includes tracing of the console installed on the protected server. To enable tracing of the separately installed console, use reg files.
How to enable tracing through Compact Diagnostic Interface
- Right-click the application icon on Taskbar.
- Select Open Compact Diagnostic Interface.
- Click Troubleshooting.
- Select the check box Write debug information to the trace file in this folder and specify the path to the folder to which trace files will be saved.
- Select the check box Create crash dump file on malfunction in this folder and specify the path to the folder to which dump files will be saved.
- Click Apply.
Trace and dump files will be saved to specified folders.
How to enable traces through the registry editor
- Download the archive:
- For version 3.2:
- For version 3.1:
- For version 3.0:
- Run the REG file:
- trace_on_x86.reg from the kess3.x_traces_x86.zip archive — for 32-bit operating systems
- trace_on_x64.reg from the kess3.x_traces_x64.zip archive — for 64-bit operating systems
Trace files will be written to the C:\Temp folder.
To disable traces, run the reg file:
- trace_off_x86.reg from the kess3.x_traces_x86.zip archive — for 32-bit operating systems
- trace_off_x64.reg from the kess3.x_traces_x64.zip archive — for 64-bit operating systems