Inventory. Scan settings section

The Inventory Scan task provides information about all applications executable files stored on the client devices. Obtaining information about the applications installed on the computers can be useful, for example, for creating application control rules.

This feature is not supported in the KESL container.

To use the task, a license that includes the corresponding function is required.

The Kaspersky Security Center database can store information about up to 150,000 processed files. When this number of records is reached, new files will not be processed. To resume the Inventory Scan task, it is necessary to delete the files registered in the Kaspersky Security Center database as a result of previous inventories from the computer on which Kaspersky Endpoint Security is installed.

Inventory Scan task settings

Setting	Description
Task priority	In this group of settings you can select the task priority: Low— the scan task is executed with a low priority: no more than 10% of processor resource consumption. Executing the task takes more time, but the application allocates resources for other tasks. Normal (default value) — the scan task is executed with a normal priority: no more than 50% of all processor resources. High — the scan task is executed with a high priority, without limiting the consumption of processor resources. Specify this value to perform the current scan task faster.
Create golden image	This check box enables or disables the creation of the "Golden Image" category of applications based on the list of applications detected on the device by the Inventory Scan task. If the check box is selected, the "Golden Image" application category can be used in the application control rules. This check box is cleared by default.
Scan all executables	This check box enables or disables of executable file scans. The check box is selected by default.
Scan binaries	This check box enables or disables of binary file scans (with extensions elf, java, and pyc). The check box is selected by default.
Scan scripts	This check box enables or disables script scans. The check box is selected by default.
Inventory scopes	The table contains the inventory scopes scanned by the task. By default, the table contains one scan scope – /usr/bin. You can add, configure, delete, move up, or move down inventory scopes in the table. Clicking the Move down button moves the selected item down in the table. Kaspersky Endpoint Security scans objects in the specified scopes in the order they are listed in the table of scan scopes. If you want to configure security settings for a subdirectory that are different from the security settings of the parent directory, you must place the subdirectory higher than its parent directory in the table. This button is available if a scope is selected in the table. Clicking the Move up button moves the selected item up in the table. Kaspersky Endpoint Security scans objects in the specified scopes in the order they are listed in the table of scan scopes. If you want to configure security settings for a subdirectory that are different from the security settings of the parent directory, you must place the subdirectory higher than its parent directory in the table. This button is available if a scope is selected in the table. Clicking the Delete button excludes the selected scope from scans. This button is available if at least one scan scope is selected in the table. Clicking the scan scope name opens the <Scan scope name> window. In this window, you can modify the settings of the selected scan scope. Clicking the Add button opens the <New scan scope> window. In this window, you can define a new scan scope.

Page top