Jump to content

How to renew KEA unique identifier on cloned devices [Kaspersky Endpoint Agent]

Recommended Posts


You may use images with installed KEA that are distributed to multiple devices, or some hardware vendors (ACER) do not comply with standards and sell hardware with non-unique BIOS IDs, etc.

As a result, a telemetry from different agents may end up merged into a single record.


  • Certain hostnames are present in KATA alerts, but search returns 0 events. Moreover, such hostnames are not present in the agent list. If looked up by an IP in the database/logs, UUID is found to be non-unique or belonging to other host.
  • The same UUID is found in KEA logs from different machines.
  • There is UUID 03000200-0400-0500-0006-000700080009 in the logs.
  • There is UUID 6ab5b300-538d-1014-9fb5-b0684d007b53 in the logs.
  • There is UUID 0bea76da-28ca-4e13-9715-361a8bbf3bc8 in the logs.


Run the new script on the affected machine to reset the UUID.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...