Inventory Scan task (Inventory_Scan, ID:22)
- Inventory task settings
- Viewing a list of detected applications

Inventory Scan task (Inventory_Scan, ID:22)

The Inventory Scan task provides information about all application executable files stored on the user devices. Obtaining information about the applications installed on the devices can be useful, for example, for creating Application Control rules.

To use the task, a license that includes the corresponding function is required.

In this Help section

Inventory task settings

Viewing a list of detected applications

Page top

Inventory task settings

The table describes all available values and the default values of all the settings that you can specify for the Inventory task.

Inventory task settings

Setting	Description	Values

`ScanScripts`	Enables script scanning.	`Yes` (default value) — Scan scripts. `No` — Do not scan scripts.
`ScanBinaries`	Enables binary files scanning (elf, java, and pyc).	`Yes` (default value) — Scan binaries. `No` — Do not scan binaries.
`ScanAllExecutable`	Enables the scanning of files with an executable bit.	`Yes` (default value) — Scan files with an executable bit. `No` — Do not scan files with an executable bit.
`CreateGoldenImage`	Adds applications detected on the device by the Inventory task to the Golden Image category. If `CreateGoldenImage=Yes`, then you can use the "Golden Image" application category in the Application Control rules.	`Yes` – add detected applications to the "Golden Image" application category. `No` (default value) – do not add detected applications to the "Golden Image" application category.
The [ScanScope.item_#] section contains the following settings:
`AreaDesc`	Description of the inventory scope. The maximum length of the string specified using this setting is 4096 characters.	Default value: `All objects`.
`UseScanArea`	Enables scans of the specified inventory scope. To run the task, enable scans of at least one inventory scope.	`Yes` (default value) — Scan the specified inventory scope. `No` — Do not scan the specified inventory scope.
`AreaMask.item_#`	Inventory scope limitation. In the inventory scan scope, the application scans only the files that are specified using the masks in the shell format. If this setting is not specified, the application scans all the objects in the inventory scope. You can specify several values for this setting.	The default value is `*` (scan all objects).
`Path`	Path to the directory with objects to be scanned.	`<path to local directory>` — Scan objects in the specified directory. Default value: `/usr/bin`
The [ExcludedFromScanScope.item_#] section contains the following settings:
`AreaDesc`	Description of the inventory exclusion scope.	The default value is not defined.
`UseScanArea`	Excludes the specified scope from the inventory.	`Yes` (default value) — Exclude the specified scope. `No` — Do not exclude the specified scope.
`AreaMask.item_#`	Limiting the inventory exclusion scope using shell masks. If this setting is not specified, the application excludes all the objects in the inventory scope. You can specify several values for this setting.	Default value: `*` (exclude all objects)
`Path`	Path to the directory with objects to be excluded.	`<path to local directory>` — Exclude objects in the specified directory from scan. You can use masks to specify the path. You can use the `` (asterisk) character to create a file or directory name mask. You can indicate a single `` character to represent any set of characters (including an empty set) preceding the `/` character in the file or directory name. For example, `/dir//file` or `/dir///file`. You can indicate two consecutive `` characters to represent any set of characters (including an empty set and the `/` character) in the file or directory name. For example, `/dir/*/file/` or `/dir/file/`. The `` mask can be used only once in a directory name. For example, `/dir///file` is an incorrect mask. You can use a single `?` character to represent any one character in the file or directory name.

Page top

Viewing a list of detected applications

You can view the list of applications detected on the device by executing the Inventory Scan task. Obtaining information about the applications installed on the devices can be useful, for example, for creating Application Control rules.

To view the list of applications detected on the device, execute the following command:

kesl-control [-A] --get-app-list

Kaspersky Endpoint Security displays the following information about the detected applications:

Date and time of inventory. Date and time when the Inventory task was performed
Number of applications. The number of applications detected on the device
The list of applications containing the following information:
- Path. Path to the application.
- Hash. Application hash sum.
- Type. Application type. For example, Script, Executable.
- Categories. Categories that the application belongs to (if they were previously created). You can view the list of created application categories using the command kesl-control [-A] --get-categories.
When you add a new category, its information is not automatically updated in the application list. To update the application list, you need to restart the Inventory task.

Page top

Kaspersky Endpoint Security for Linux

Contents

Inventory Scan task (Inventory_Scan, ID:22)

Inventory task settings

Viewing a list of detected applications