Kaspersky Embedded Systems Security 3.4 for Linux Help

Kaspersky Embedded Systems Security for Linux

Print Support Send link

Configuring Inventory on the command line
- Inventory task settings
- Viewing a list of detected applications

Configuring Inventory on the command line

You can use the command line to inventory applications on the protected device as follows:

With the help of the Inventory_Scan predefined task. You can manually start or stop this task, and configure the task run schedule. You can configure scan settings by editing the settings of this task.
With the help of user inventory tasks (InventoryScan-type tasks). You can manually start, stop, pause, or resume user tasks and configure the task schedule.

You can view the list of applications detected on the device as a result of the Inventory task by using Application Control management commands.

In this section

Inventory task settings

Viewing a list of detected applications

Page top

Inventory task settings

The table describes all available values and the default values of all the settings that you can specify for the Inventory task.

Inventory task settings

Setting	Description	Values

`ScanScripts`	Enables script scanning.	`Yes` (default value) — Scan scripts. `No` — Do not scan scripts.
`ScanBinaries`	Enables binary files scanning (elf, java, and pyc).	`Yes` (default value) — Scan binaries. `No` — Do not scan binaries.
`ScanAllExecutable`	Enables the scanning of files with an executable bit.	`Yes` (default value) — Scan files with an executable bit. `No` — Do not scan files with an executable bit.
`GoldenImageAction`	The action that Kaspersky Embedded Systems Security must perform with the "Golden Image" application category upon completion of the Inventory task: You can use the "Golden Image" category in Application Control rules.	`DoNothing` (default) – do not change the "Golden Image" application category after completing the inventory. `Create` – add detected applications to the "Golden Image" application category. If the category does not exist, it is created. If the category exists, the list of applications in the category is updated. `Remove` – delete the "Golden Image" category after completing the inventory.
The [ScanScope.item_#] section contains the following settings:
`AreaDesc`	Description of the inventory scope. The maximum length of the string specified using this setting is 4096 characters.	Default value: `All objects`.
`UseScanArea`	Enables scans of the specified inventory scope. To run the task, enable scans of at least one inventory scope.	`Yes` (default value) — Scan the specified inventory scope. `No` — Do not scan the specified inventory scope.
`AreaMask.item_#`	Inventory scope limitation. In the inventory scan scope, the application scans only the files that are specified using the masks in the shell format. If this setting is not specified, the application scans all the objects in the inventory scope. You can specify several values for this setting.	The default value is `*` (scan all objects).
`Path`	Path to the directory with objects to be scanned.	`<path to local directory>` — Scan objects in the specified directory. Default value: `/usr/bin`
The [ExcludedFromScanScope.item_#] section contains the following settings:
`AreaDesc`	Description of the inventory exclusion scope.	The default value is not defined.
`UseScanArea`	Excludes the specified scope from the inventory.	`Yes` (default value) — Exclude the specified scope. `No` — Do not exclude the specified scope.
`AreaMask.item_#`	Limiting the inventory exclusion scope using shell masks. If this setting is not specified, the application excludes all the objects in the inventory scope. You can specify several values for this setting.	Default value: `*` (exclude all objects)
`Path`	Path to the directory with objects to be excluded.	`<path to local directory>` — Exclude objects in the specified directory from scan. You can use masks to specify the path. You can use the `` (asterisk) character to create a file or directory name mask. You can indicate a single `` character to represent any set of characters (including an empty set) preceding the `/` character in the file or directory name. For example, `/dir//file` or `/dir///file`. You can indicate two consecutive `` characters to represent any set of characters (including an empty set and the `/` character) in the file or directory name. For example, `/dir/*/file/` or `/dir/file/`. The `` mask can be used only once in a directory name. For example, `/dir///file` is an incorrect mask. You can use a single `?` character to represent any one character in the file or directory name.

Page top

Viewing a list of detected applications

To view the list of applications detected on the device, execute the following command:

kess-control --get-app-list [--json]

where --json means output data in JSON format.

Kaspersky Embedded Systems Security displays the following information about the detected applications:

Date and time of inventory. Date and time when the Inventory task was performed
Number of applications. The number of applications detected on the device
The list of applications containing the following information:
- Path. Path to the application.
- Hash. Application hash sum.
- Type. Application type. For example, Script, Executable.
- Categories. Categories that the application belongs to (if they were previously created). You can view the list of created application categories using the kess-control --get-categories command.
When you add a new category, its information is not automatically updated in the application list. To update the application list, you need to restart the Inventory task.

Page top

Contents

Configuring Inventory on the command line

Inventory task settings

Viewing a list of detected applications