About SVM trace files
December 13, 2023
Information about application operation may be logged to the following trace files located on SVMs:
- on an SVM with the File Threat Protection component:
- on an SVM with the Network Threat Protection component:
- on an SVM with the File Threat Protection component and on an SVM with the Network Threat Protection component:
By default, information about the application operation is not saved. To enable logging of information to SVM trace files, you must perform the steps described on the application page in the Knowledge Base.
In addition to general data, SVM trace files may contain the following information:
- Names of scanned files and the paths to them on the virtual machine. Personal data (last name, first name, and middle name, email address, user account name) may also be saved if this data is contained in the paths or names of scanned files.
- Scanned web addresses, IP addresses and names of virtual machines, information about the virtual local area network (VLAN), information about the Ethernet, IP, TCP, and UDP headers for each network packet.
- Information about drive mounts for scanning powered-off virtual machines, lists of file systems and their IDs.
- Information about operating system events.
- Information about events that occurred during interaction with Kaspersky Security Center.
- Information about events that occurred during operation of the watchdog service.
- Information about SVM operation in the multitenancy mode and about SVM settings received from the Integration Server.