Configure logging in Kaspersky’s server anti-virus products

By tom on June 8th, 2009

Last week we learned an important lesson: do not leave the default logging values in Kaspersky’s anti-virus products.

If you install Kaspersky Security 6.0 for Exchange 2007, 2 different logs will be kept: one common log (which contains information about the applications’ activity) and an anti-virus log (which contains the results of the anti-virus scans). The default logging values are to have one log per month, keep 4 of these logs before rotating them and a minimal logging level. Also by default these files reside in your Program Files under the folder Kaspersky Labs.

Last week, we noticed that on this exchange servers’ root drive there was only 300MB left. After analysis we discovered that the Kaspersky log files where over 36GB in size!

You can configure the logging values in your Kaspersky Management Console under General Settings –> Diagnostics tab.

Hereunder you can find a screenshot where you can see that we have moved the log files from the Program Files folder to a drive used to store only log files and that we changed the setting to keep 2 months of logging.

 

I hope this helps.

Tom