Container scan settings

Namespace and container scan enabled / disabled

This toggle button enables or disables namespace and container scans.

The check toggle button is switched on by default.

Action with container upon threat detection

You can select the action that the application performs on a container when it detects an infected object:

• Skip container: if an infected object is detected, the application does not perform any action on the container.
• Stop container: if an infected object is detected, the application stops the container.
• Stop container if disinfection fails (default value) – the application stops the container if disinfection of the infected object fails.

This setting is available when using the application under a license that supports this function.

Use Docker

This check box enables or disables the use of the Docker environment.

The check box is selected by default.

Docker socket path

Entry field for the path or URI (Uniform Resource Identifier) of the Docker socket.

The default value is /var/run/docker.sock.

Use CRI-O

The check box enables or disables the use of the CRI-O environment.

The check box is selected by default.

File path

Entry field for the path to CRI-O configuration file.

Default value: /etc/crio/crio.conf.

Use Podman

The check box enables or disables the use of the Podman utility.

The check box is selected by default.

File path

Entry field for the path to the Podman utility executable file.

Default value: /usr/bin/podman.

Root folder

Entry field for the path to the root directory of the container storage.

Default value: /var/lib/containers/storage.

Use runc

The check box enables or disables the use of the runc utility.

The check box is selected by default.

File path

Entry field for the path to the runc utility executable file.

Default value: /usr/bin/runc.

Root folder

Entry field for the path to the root directory of the container state storage.

Default value: /run/runc-ctrs.