LANDesk Antivirus logging information

Version 18

    Verified Product Versions

    Endpoint Manager 9.5Endpoint Manager 9.6

    applies to LDMS 9.0 and 9.5 (pre-SP1)  for newer versions see: How to Troubleshoot Ivanti Antivirus



    What log files are used for troubleshooting LANDesk Antivirus?







    Is there a way to enable more verbose logging?





    In the steps below, running AVSERVICE.EXE /LOG will cause a KAVE.INI file to be created in the LDCLIENT\Antivirus directory.  This file does not need to be created by hand.   After restarting the LANDesk Antivirus service ("NET START LDAVSERVICE"), you will notice the KAVE_{PID}.log files starting to grow in the LDCLIENT\Antivirus directory.



    GetSystemInfo Utility


    The GetSystemInfo gathers details information about a computer, including hardware information, operating systems, drivers, installed, software, etc.  This utlity can be very useful for determining the cause of certain issues.




    • 1. Run GetSystemInfo.exe on the computers with the problem.
    • 2. Click the button Create report in the right part of the main window.
    • 3. Wait until the utility has completely scanned the system.
    • 4. Click OK to confirm the creation of a report.

    A file will be created with the default name GetSystemInfo_<USER>  Attach this report to your created case, or e-mail it to your LANDesk Support technician.


    This GetSystemInfo report can then be parsed and further analyzed by doing the following:


    1. Browse to
    2. From the GetSystemInfo web site click "Choose file" and then browse to the GetSystemInfo .TXT file and upload it to the site.

    GSI executable has been attached to this doc as link may have changed.


    Utility for gathering log file information


    Attached to this article is a utility that will automatically gather all of the Antivirus Log files (except the verbose logs) and settings information from the affected client.


    This creates a compressed .CAB file of all of the log files documented in this article, plus the .XML settings files for Antivirus Behavior.


    Detailed Steps:


    1. Download "" attached to this article.

    2. Extract GatherAVLogs.ZIP to any directory

    3. Run GatherLogs.exe and wait for a minute until the is fully created.

    4. Send the file to the LANDesk Technician.

    Note:  If uploading to the LANDesk FTP server it may be necessary to rename the file to as a file may already exist called "".


    Note: The GatherLogs utility will not gather the GetSystemInfo log.  This must be sent seperately to the Support Technician.


    Turning on Advanced Logging for the Updater SDK (for troubleshooting definition download issues)


    1. Copy the attached UPDSDK.XML to the \ManagementSuite\LDLogon\Antivirus8 folder on the core server.

    2. Download antivirus pattern files


    This will create an UpdaterSDK7.log file in C:\Windows\SysWow64 (for 64-bit systems) or C:\Windows\System (for 32-bit systems)