About application trace files

A Kaspersky Embedded Systems Security trace file tracks the step-by-step execution of application commands and lets you find out at which stage the error occurs.

Application trace files are not generated by default. You can enable or disable generation of application trace files and define the level of detail in trace files in the command line via the general application settings and the graphical user interface.

If you have enabled the generation of application trace files, these files are saved in /var/log/kaspersky/kess/. Access to this directory requires root privileges.

To store trace files, the application needs disk space in addition to the disk space listed in minimum hardware requirements.

Trace files are stored on the device as long as the application is in use, and are deleted permanently when the application is removed. Trace files are not sent to Kaspersky automatically.

Trace files are saved in a human-readable format. It is recommended to protect information from unauthorized access before sending it to Kaspersky.

Application trace file contents

Trace files contain the following general data:

• Event time.
• Number of the thread of execution.
• Application component that caused the event.
• Degree of event severity (informational event, warning, critical event, error).
• A description of the event involving command execution by a component of the application and the result of execution of this command.

Trace files may store the following information in addition to general data:

• The statuses of the application components and their operational data.
• Data on user activity in the application.
• Data on the hardware installed on the device.
• Data about all operating system objects and events, including information about user activity.
• Data contained in the objects of the operating system (for example, the contents of files that may contain any user personal data).
• Network traffic data (for example, the contents of the entry fields on a website, which may include bank card information or any other sensitive data).
• Data received from Kaspersky servers (such as the version of the application databases).
• Data on consumed CPU resources.
• Data on consumed RAM resources.
• Data about file read and write operations by applications.
• Data on the amount of cached information required for the application to work.

Page top