Agent Data Collection
After scanning your environment, the Software Vulnerability Manager Agent collects the following data, which is summarized into a single POST to <your CSI on-prem server host name>. The Agent collects data from Windows, Red Hat Enterprise Linux (RHEL) and Mac OS X operating systems. The data collected varies by operating system as described below.
All Operating Systems
-
Machine name
-
MachineGUID (generated by Flexera)
-
System type (architecture / operating system)
-
IP address
-
MAC address
-
Time (GMT, local)
Windows
-
Distinguished name
-
List of security Knowledge Base articles installed or pending, source thereof
-
List of vulnerable and unrecognized applications from the File System scan:
-
Sends only:
-
File path
-
File size
-
Metadata from the Portable Executable (PE) header to recognize known software (Examples: timestamp, machine architecture)
-
Metadata from the Version Block to recognize known software (Examples: product name, product version, company name, original file name, internal name, file version, comments, file description, legal copyright, legal trademarks, private build, special build)
-
-
Files collected are filtered by scan rules or type
-
-
Locations of well-known system folders (Example:
C:\Program Files) -
List of drives discovered or scanned
-
Processing time and other profiling measures
Red Hat Enterprise Linux (RHEL)
-
List of installed Red Hat Package Managers (RPMs) from rpm
-
List of packages with security updates using the Yellowdog Updater Modified (YUM) tool
Mac OS X
-
List of applications from the File System scan of .plist sends only:
-
File path
-
Metadata from the plist used to recognize known software (Examples: author; description; CFBundle: display name, identifier, short version string, version, executable, get info string, name, package type; NSHumanReadableCopyright)
-
-
List of operating system updates queried from the system.