How to collect system statistics in Kaspersky Security for Virtualization 6.0 Agentless
The article concerns:
- Kaspersky Security for Virtualization 6.1 Agentless
- Kaspersky Security for Virtualization 6.0 Agentless
System statistics are information about the current state of the operating system which is constantly logged into a file.
System statistics are collected for the following hardware and software resources:
- Operating system
- CPU
- Virtual memory
- Disk space
- Runtime processes of the File Threat Protection and Network Threat Protection components
The application collects the statistics by default. This option cannot be disabled.
What data Kaspersky Security for Virtualization 6.0 Agentless collects
The application collects the following data about the operating system:
- Success reads/writes number – number of successful read and write operations on each data storage device (sda (n), sr0). The information is derived from the /proc/diskstats file.
- Opened descriptors number – number of descriptors currently opened in the system. The information is derived from the /proc/sys/fs/file-nr.
- Load average – number of processes in the execution queue. The average load is displayed as three values: for 1, 5, and 15 minutes. Information is derived using the top utility.
- CPU info (%) – CPU load. CPU info includes:
- user_time – rate of CPU utilization by user processes
- user_time – rate of CPU utilization by system processes
- nice_time – rate of CPU utilization by processes with the priority increased by the nice command
- idle_time – CPU idle time
- io_wait_time – rate of CPU utilization by processes waiting for completion of input/output operations
- hard_irq_time – rate of CPU utilization by hardware interrupt handlers
- soft_interr_time – rate of CPU utilization by software interrupt handlers
- steal_time – amount of CPU resources taken by a hypervisor from a virtual machine for other tasks
- user_time – rate of CPU utilization by user processes
- System virtual memory usage (%) – rate of virtual memory utilization by all processes The information is derived from the /proc/meminfo file.
- Used partitions space (%) – rate of disk space utilization on each sda partition (1,4,5,6,7).
The application collects the following data about the ksvmain runtime processes of the File Threat Protection component and nsmain processes of the Network Threat Protection component:
- Product pid – ksvmain and nsmain process ID
- Product virtual memory usage (Mb) – virtual memory utilization by the ksvmain and nsmain processes in megabytes
- Product resident memory usage (Mb) – physical memory utilization by the ksvmain and nsmain processes in megabytes
- Product CPU usage (%) – CPU utilization by the ksvmain and nsmain processes
Where the system statistics are stored
The system statistics are stored in the following files of the /var/log folder:
- mr_system_stat_ksv.log
- mr_product_stat_ksv.log