About SVM trace files

Information about application operation may be logged to the following trace files located on SVMs:

• On an SVM with the File Anti-Virus component:
  • /var/log/kaspersky/ksv/connector.log
  • /var/log/kaspersky/ksv/wdserver.log
  • var/log/kaspersky/ksv/klmount.log
  • /var/log/kaspersky/klnagent/klnagent.log
  • /var/log/ksv
  • /var/log/messages
• On an SVM with the Network Threat Detection component:
  • /var/log/kaspersky/ksvns/connector.log
  • /var/log/kaspersky/ksvns/wdserver.log
  • /var/log/kaspersky/klnagent/klnagent.log
  • /var/log/ksv
  • /var/log/messages

SVM trace files are created only after logging of information about SVM operation is enabled. By default, information about SVM operation is not saved. To enable logging of information to SVM trace files, you must perform the steps described on the application page in the Knowledge Base.

In addition to general data, SVM trace files may contain the following information:

• Names of scanned files and the paths to them on the virtual machine. Personal data (last name, first name, and middle name, email address, user account name) may also be saved if this data is contained in the paths or names of scanned files.
• Scanned web addresses, IP addresses and names of virtual machines, information about the virtual local area network (VLAN), information about the Ethernet, IP, TCP, and UDP headers for each network packet.
• Information about drive mounts for scanning powered off virtual machines, lists of file systems and their IDs.
• Information about operating system events.
• Information about events that occurred during interaction with Kaspersky Security Center.
• Information about events that occurred during operation of the watchdog service.