ScanScripts

Enables script scanning.

Yes (default value) — Scan scripts.

No — Do not scan scripts.

ScanBinaries

Enables binary files scanning (elf, java, and pyc).

Yes (default value) — Scan binaries.

No — Do not scan binaries.

ScanAllExecutable

Enables the scanning of files with an executable bit.

Yes (default value) — Scan files with an executable bit.

No (default value) — Do not scan files with an executable bit.

ScanPriority

Task priority. Task priority is a parameter that combines a number of internal Kaspersky Industrial CyberSecurity for Linux Nodes settings and process start settings. By using this parameter, you can specify the way the application consumes system resources for running tasks.

Idle — Run the task with a low priority: no more than 10% of processor resource consumption. Specify this value to release the application resources for other tasks, including user processes. The current scan task takes longer to complete.

Normal (default value) — Run the task with a normal priority: no more than 50% of all processors resources.

High — Run the task with a high priority, without limiting the consumption of processor resources. Specify this value to perform the current scan task faster.

CreateGoldenImage

Enables creation of the "Golden Image" category of applications based on the list of applications detected on the computer by the Inventory task. If CreateGoldenImage=Yes, then the "Golden Image" application category can be used in the application control rules.

Yes – create the "Golden Image" category of applications.

No (default value) – do not create the "Golden Image" category of applications.

The [ScanScope.item_#] section contains the following settings:

AreaDesc

Description of inventory scope; contains additional information about the inventory scope. The maximum length of the string specified using this setting is 4096 characters.

Default value: All objects.

UseScanArea

Enables scans of the specified inventory scope. To run the task, enable scans of at least one inventory scope.

Yes (default value) — Scan the specified inventory scope.

No — Do not scan the specified inventory scope.

AreaMask

Inventory scope limitation. In the inventory scope, the application scans only the files that are specified using the masks in the shell format.

If this setting is not specified, the application scans all the objects in the inventory scope. You can specify several values for this setting.

The default value is * (scan all objects).

Path

Path to the objects to be scanned.

The value of the Path setting consists of two elements: <file system type>:<access protocol>. It may also contain the path to the directory in the local file system.

<path to local directory> — Scan objects in the specified directory.

Default value: /usr/bin

The [CustomSources.item_#] section contains the following settings:

AreaDesc

Description of the inventory exclusion scope; contains additional information about the inventory scope.

The default value is not defined.

UseScanArea

Excludes the specified scope from the inventory.

Yes (default value) — Exclude the specified scope.

No — Do not exclude the specified scope.

AreaMask

Limiting the inventory exclusion scope using shell masks.

If this setting is not specified, the application excludes all objects in the inventory scope. You can specify several values for this setting.

Default value: * (exclude all objects)

Path

The path to the objects to be excluded.

The value of the Path setting consists of two elements: <file system type>:<access protocol>. It may also contain the path to the directory in the local file system.

<path to local directory> — Exclude objects in the specified directory from scans. You can use masks to specify the path.