Q202447: How to scan for executable files using the Managed Device Inventory agent

Summary

This article covers how to scan for executables using the Inventory agent on Windows and UNIX.

 

Discussion

On all versions you will need to specify the IncludeDirectory property to specify what to scan e.g. IncludeDirectory="/" for UNIX or IncludeDirectory="\" for Windows will scan the entire drives. Alternatively you can specify specific directories or environment variables e.g. IncludeDirectory="/usr/local/" on UNIX or IncludeDirectory="%WINDIR%\System32" on Windows.

Once you have the directory specified you then need to specify the type of files to look for and this is more involved so is covered in more detail below:

On 8.2 UNIX devices will not scan for executable files by default and Windows devices scans for both executables and dlls (you only need the executables). Instead you have to configure the following settings under the Tracker section of the registry / config files:
Windows - ExcludeExtension=dll
UNIX - ExcludePermissionsMask = !0111
 
On 8.4 files with the dll extension are excluded by default so Windows is configured for executables out of the box in 8.4 and above. So the following settings are for UNIX only.
 
8.4 - Use the same property as above: UNIX - ExcludePermissionsMask = !0111
 
8.5 - Due to the limitations of ExcludePermissionsMask (covered in Additional Information below) a new property has been introduced to perform this task and that is: IncludeExecutables=true
This new IncludeExecutables property will only add executable files to the inventory.

 

Additional Information

The ExcludePermissionsMask property will add only files that have the execute attribute added to the file, this will reduce the number of non-executable files returned however some publishers add execute permissions to non-executable files and this property will pick these up as well.

Comments

Powered by Zendesk