Data contained in task completion reports
8 November 2023
ID 194535
Prior to being sent to the Central Node component, the reports and relevant files are temporarily saved on the hard disk of the computer with the Kaspersky Endpoint Agent application. The task completion reports are saved in archived non-encrypted form in the folder C:\ProgramData\Kaspersky Lab\Endpoint Agent\protected\kata\data_queue.
By default, only users with System and Administrator permissions have read-access to files when Self-Defense is enabled. When Self-Defense is disabled, users with System and Administrator permissions can also delete the files, modify their contents, and modify the access rights to them. The Kaspersky Endpoint Agent application does not manage access permissions to this folder or any files in it. It is the system administrator who determines access permissions.
Task completion reports contain the following information:
- Data on task output.
- Data on executable modules.
- Data on operating system processes.
- Data on user accounts.
- Data on user sessions.
- Fully qualified domain name of the computer.
- Unique ID of the computer with Kaspersky Endpoint Agent.
- Files of the computer with Kaspersky Endpoint Agent.
- Names of alternate streams of NTFS.
- Full paths to files on the computer with Kaspersky Endpoint Agent.
- Full names of folders on the computer with Kaspersky Endpoint Agent.
- Content of the process standard output.
- Content of the process standard error stream.
