Kaspersky Anti Targeted Attack Platform
5.0
English

Contents

Configuring tracing

This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.

Kaspersky Endpoint Agent does not automatically create a folder for storing trace or dump files on the device. Specify a folder that is already available on the device.

To configure tracing in Kaspersky Endpoint Agent using the command line interface:

  1. On the device, run a command line interpreter (for example, Command Prompt cmd.exe) with the permissions of the local administrator.
  2. Using the cd command, navigate to the folder where the Agent.exe file is located.

    For example, enter the command cd "C:\Program Files (x86)\Kaspersky Lab\Endpoint Agent\" and press ENTER.

  3. Enter one of the following commands and press ENTER:
    • agent.exe --trace=enable --folder <path to the folder where the trace files are to be saved> to enable tracing.

      Tracing will be enabled for all Kaspersky Endpoint Agent processes that are currently running. Trace files will be created in the folder you specified.

      Make sure that the specified folder is available on the managed device. Otherwise, trace files will not be created.

    • agent.exe --trace=enable --folder <path to the folder where the trace files are to be saved> --rotation=yes --rotate-file-size=<maximum file size, MB> --rotate-files-count=<maximum number of files>, enables tracing with overwriting old trace files when the values specified for the size and number of the trace files are reached.

      The specified limit on the number of files is applied separately for each Kaspersky Endpoint Agent process being debugged, so the total number of files for all processes may exceed the specified value. If you do not specify the --rotate-file-size or --rotate-files-count parameters (one or both) with the --rotation=yes parameter, the application uses the default values. The default value is 1 file of 50 MB.

    • agent.exe --trace=disable disables tracing.

      Tracing will be disabled for all Kaspersky Endpoint Agent processes that are currently running.

    • agent.exe --trace=show shows the current tracing status and the path to the folder to save the trace files.

      The values of the trace.enable (true, if tracing is enabled or false, is tracing is disabled) and trace.folder (path to the folder) settings will be displayed.

Return codes of the --trace command:

  • -1 – command is not supported.
  • 0 – command successfully executed.
  • 1 – required argument is not passed to the command.
  • 2 – general error.
  • 4 – syntax error.
  • 5 – object not found (the specified path to the tracing logs folder is not found).
  • 9 – invalid operation (for example, an attempt to execute the --trace=disable command, if tracing is already disabled).

Page top

[Topic 193448]