The table describes all available values and the default values of all the settings that you can specify for the Inventory Scan task.
|
|
|
Setting
|
Description
|
Values
|
ScanScripts
|
Enables script scanning.
|
Yes (default value) — Scan scripts.
No — Do not scan scripts.
|
ScanBinaries
|
Enables binary files scanning (elf, java, and pyc).
|
Yes (default value) — Scan binaries.
No — Do not scan binaries.
|
ScanAllExecutable
|
Enables the scanning of files with an executable bit.
|
Yes (default value) — Scan files with an executable bit.
No — Do not scan files with an executable bit.
|
ScanPriority
|
Task priority. Task priority is a parameter that combines a number of internal Kaspersky Endpoint Security settings and process start settings. By using this parameter, you can specify the way the application consumes system resources for running tasks.
|
Idle — Run the task with a low priority: no more than 10% of processor resource consumption. Specify this value to release the application resources for other tasks, including user processes. The current scan task takes longer to complete.
Normal (default value) — Run the task with a normal priority: no more than 50% of all processors resources.
High — Run the task with a high priority, without limiting the consumption of processor resources. Specify this value to perform the current scan task faster.
|
CreateGoldenImage
|
Enables creation of the "Golden Image" category of applications based on the list of applications detected on the computer by the Inventory Scan task. If CreateGoldenImage=Yes , then the "Golden Image" application category can be used in the application control rules.
|
Yes – create the "Golden Image" category of applications.
No (default value) – do not create the "Golden Image" category of applications.
|
The [ScanScope.item_#] section contains the following settings:
|
AreaDesc
|
Description of inventory scan scope; contains additional information about the inventory scan scope. The maximum length of the string specified using this setting is 4096 characters.
|
Default value: All objects .
|
UseScanArea
|
Enables scans of the specified inventory scope. To run the task, enable scans of at least one inventory scope.
|
Yes (default value) — Scan the specified inventory scope.
No — Do not scan the specified inventory scope.
|
AreaMask
|
Inventory scan scope limitation. In the inventory scan scope, the application scans only the files that are specified using the masks in the shell format.
If this setting is not specified, the application scans all the objects in the inventory scope. You can specify several values for this setting.
|
The default value is * (scan all objects).
|
Path
|
Path to the directory with objects to be scanned.
|
< path to local directory > — Scan objects in the specified directory.
Default value: /usr/bin
|
The [ExcludedFromScanScope.item_#] section contains the following settings:
|
AreaDesc
|
Description of the inventory exclusion scope; contains additional information about the inventory scan scope.
|
The default value is not defined.
|
UseScanArea
|
Excludes the specified scope from the inventory.
|
Yes (default value) — Exclude the specified scope.
No — Do not exclude the specified scope.
|
AreaMask
|
Limiting the inventory exclusion scope using shell masks.
If this setting is not specified, the application excludes all objects in the inventory scan scope. You can specify several values for this setting.
|
Default value: * (exclude all objects)
|
Path
|
Path to the directory with objects to be excluded.
|
< path to local directory > — Exclude objects in the specified directory from scan. You can use masks to specify the path.
You can use the * (asterisk) character to create a directory name mask.
A single * replaces any number of any characters in the path except for the delimiter (/ ) and can be combined with regular characters. Two consecutive * characters replace any number of path elements, and must be separated from other characters by a delimiter (/ ).
For example, the /dir/example/123/subdir directory matches the following masks: /**/subdir (the ** characters match /dir/example/123 ) and /dir/ex*/*/*dir (the ex* characters match example , the next * character matches 123 , and the *dir characters matches subdir ), but it does not match the following masks: /dir/**/example/123/subdir (the path does not contain an element between dir and example ) and /dir/ex*/*dir (after ex* matches example , the path contains 123 , that does not match *dir ).
To exclude the mount point /dir , you need to specifically write /dir (no asterisk), since /dir/* excludes all mount points at the level below /dir but not /dir itself. And /dir/** excludes all mount points at all levels below /dir but not /dir itself.
|