Kaspersky Embedded Systems Security for Linux
3.3.0
English

Contents

Inventory

The Inventory task provides information about all applications executable files stored on the client devices. Obtaining information about the applications installed on the devices can be useful, for example, for creating Application Control rules.

The Kaspersky Security Center database can store information about up to 150,000 processed files. When this number of records is reached, new files will not be processed. To resume the Inventory Scan task, delete the files registered in the Kaspersky Security Center database as a result of previous inventories, from the device where Kaspersky Embedded Systems Security is installed.

Inventory Scan task settings

Setting

Description

Create golden image

This check box enables or disables the creation of the "Golden Image" category of applications based on the list of applications detected on the device by the Inventory Scan task. If the check box is selected, you can use the "Golden Image" category in the Application Control rules.

This check box is cleared by default.

Scan all executables

This check box enables or disables of executable file scans.

The check box is selected by default.

Scan binaries

This check box enables or disables of binary file scans (with extensions elf, java, and pyc).

The check box is selected by default.

Scan scripts

This check box enables or disables script scans.

The check box is selected by default.

Inventory scopes

The group of settings contains the Configure button. Clicking this button opens the Scan scopes window.

Task priority

In this group of settings you can select the task priority:

  • Low— the scan task is executed with a low priority: no more than 10% of processor resource consumption. Execution of the task takes more time, but the application allocates resources for other tasks.
  • Normal (default value) — the scan task is executed with a normal priority: no more than 50% of all processor resources.
  • High — the scan task is executed with a high priority, without limiting the consumption of processor resources. Specify this value to perform the current scan task faster.

In the Exclusion scopes section for the Inventory task, you can also configure scopes to be excluded from scans.

Page top
[Topic 202213]

Scan scopes window

The table contains the scan scopes. The application will scan files and directories located in the paths specified in the table. By default, the table contains one scan scope – /usr/bin.

Scan scope settings for the Inventory task

Setting

Description

Scope name

Scan scope name.

Path

Path to the directory that the application scans.

Status

The status indicates whether the application scans this scope.

You can add, edit, delete, move up, and move down items in the table.

Clicking the Move down button moves the selected item down in the table.

Kaspersky Embedded Systems Security scans objects in the specified scopes in the order they are listed in the table of scan scopes. If you want to configure security settings for a subdirectory that are different from the security settings of the parent directory, you must place the subdirectory higher than its parent directory in the table.

This button is available if a scope is selected in the table.

Clicking the Move up button moves the selected item up in the table.

Kaspersky Embedded Systems Security scans objects in the specified scopes in the order they are listed in the table of scan scopes. If you want to configure security settings for a subdirectory that are different from the security settings of the parent directory, you must place the subdirectory higher than its parent directory in the table.

This button is available if a scope is selected in the table.

Clicking the Delete button excludes the selected scope from scans.

This button is available if at least one scan scope is selected in the table.

The selected element's settings are changed in a separate window.

Clicking the Add button opens a window where you can specify the new item settings.

Kaspersky Embedded Systems Security scans objects in the specified scopes in the order they appear in the list of scopes. If necessary, place the subdirectory higher in the list than its parent directory, to configure security settings for a subdirectory that are different from the security settings of the parent directory.

Page top
[Topic 215256]

<New scan scope> window

In this window, you can add and configure scan scope for the Inventory task.

Inventory scope settings

Setting

Description

Scan scope name

Field for entering the scan scope name. This name will be displayed in the table in the Scan scopes window.

The entry field must not be blank.

Use this scope

This check box enables or disables the scan of this scope when the task is performed.

If this check box is selected, the application processes this scan scope while running the task.

If this check box is cleared, the application does not process this scan scope while running the task. You can later include this scope in task settings by selecting the check box.

The check box is selected by default.

File system, access protocol and path

Entry field for the path to the local directory that you want to include in the scan scope. You can use masks to specify the path.

You can use the * (asterisk) character to create a file or directory name mask.

You can indicate a single * character to represent any set of characters (including an empty set) preceding the / character in the file or directory name. For example, /dir/*/file or /dir/*/*/file.

You can indicate two consecutive * characters to represent any set of characters (including an empty set and the / character) in the file or directory name. For example, /dir/**/file*/ or /dir/file**/.

The ** mask can be used only once in a directory name. For example, /dir/**/**/file is an incorrect mask.

You can use a single ? character to represent any one character in the file or directory name.

The field must not be blank.

Masks

This list contains name masks of the objects that the application scans while running the task.

By default the list contains the * mask (all objects).

You can add, edit, or delete masks.

Clicking the Delete button removes the selected item from the table.

This button is available if at least one item is selected in the table.

The selected element's settings are changed in a separate window.

Clicking the Add button opens a window where you can specify the new item settings.

Page top

[Topic 213264]

Exclusion scopes window

This table contains scan exclusion scopes. The application does not scan files and directories located at the paths specified in the table. By default, the table is empty.

Exclusion scope settings

Setting

Description

Exclusion scope name

Exclusion scope name.

Path

Path to the directory excluded from scan.

Status

The status indicates whether the application uses this exclusion.

You can add, edit, and delete items in the table.

Clicking the Delete button excludes the selected scope from scans.

This button is available if at least one scan scope is selected in the table.

The selected element's settings are changed in a separate window.

Clicking the Add button opens a window where you can specify the new item settings.

Page top
[Topic 210496_2]

<New exclusion scope> window

In this window, you can add and configure scan exclusion scope for the Inventory task.

Exclusion scope settings

Setting

Description

Exclusion scope name

Field for entering the exclusion scope name. This name will be displayed in the table in the Exclusion scopes window.

The entry field must not be blank.

Use this scope

This check box enables or disables the exclusion of the scope when the task is executed.

If this check box is selected, the application excludes this scope during task execution.

If this check box is cleared, the application includes this scope during task execution. You can later exclude this scope from scanning by selecting the check box.

The check box is selected by default.

File system, access protocol and path

Entry field for the path to the local directory that you want to exclude from the inventory. You can use masks to specify the path. The field must not be blank.

You can use the * (asterisk) character to create a file or directory name mask.

You can indicate a single * character to represent any set of characters (including an empty set) preceding the / character in the file or directory name. For example, /dir/*/file or /dir/*/*/file.

You can indicate two consecutive * characters to represent any set of characters (including an empty set and the / character) in the file or directory name. For example, /dir/**/file*/ or /dir/file**/.

The ** mask can be used only once in a directory name. For example, /dir/**/**/file is an incorrect mask.

You can use a single ? character to represent any one character in the file or directory name.

Masks

The list contains name masks of the objects that the application excludes from scan.

You can add, edit, or delete masks.

Clicking the Delete button removes the selected item from the table.

This button is available if at least one item is selected in the table.

The selected element's settings are changed in a separate window.

Clicking the Add button opens the Object mask window. In this window, in the Define object mask field, you can specify the name template for files that Kaspersky Embedded Systems Security excludes from scans.

Examples:

The *.txt mask refers to all text files.

The *_my_file_??.html mask refers to html files starting with any characters, and ending with _my_file_ followed by any two characters (for example, 2020_my_file_09.html).

 

Page top

[Topic 213263]