Setting Exclusions for the SUA Scanner

This page has not been liked. Updated 4/12/13, 11:06 AM by KarenKueTags: None

The SUA Scanner may be configured to search using options other than the default parameters. This article details how to change the file type inclusion and the directory path exclusion parameters.

 

File Type Inclusions

By default, the SUA Scanner will search the file system for files with .exe or .com extensions. However, other file extensions may be specified by passing additional information to the SUA Scanner. To have the SUA Scanner include additional file types, create one or more files with the naming convention: C:\Program Files\BigFix Enterprise\BES Client\DSS\SAM\paths\include_extensions*.txt

Example: C:\Program Files\BigFix Enterprise\BES Client\DSS\SAM\paths\include_extensions_plaintext.txt

Each line of this file should contain the file extensions to include in the scan. For example, to include text and HTML files, put these lines in an appropriately named file:

  • .txt
  • .htm
  • .html

The lines in the "include_extensions" file(s) are matched against file names on the endpoint using a regular expression which does a case-insensitive comparison against the end of the full path.

Note: If this value is set and does not include .exe as one of the options, that endpoint will not report correct inventory data in DSS:SAM.

Note: Used by scanner versions 1.1.2.7 or later.

 

Directory Path Exclusions

To exclude specific directory paths from scanning, create one or more files with the naming convention: C:\Program Files\BigFix Enterprise\BES Client\DSS\SAM\paths\exclude_path*.txt

Example: C:\Program Files\BigFix Enterprise\BES Client\DSS\SAM\paths\exclude_path_systemdirs.txt

Add directory paths you wish to exclude in entries separated by newlines to any files named using this convention. Directories should be specified via explicit paths and may use DOS-style wildcard characters ("?" matches one character, "*" matches one or more characters).

Examples:

C:\Documents and Settings\All Users\My Documents\Applications\  (Excludes everything below the Applications directory on the C drive)
C:\Cygwin  (Excludes the Cygwin directory on the C drive)
?:\Windows\System32\  (Excludes all System32 directories on all drives)
C:\Windows\$NT*  (Excludes everything in and below the $NT share)
?:\home\*  (Excludes only directories below the home directory on all drives)
?:\home*  (Excludes everything within the home directory as well as anything below the home directory on all drives)

Directory path matching is case-insensitive.



Note: The path exclusion feature is only supported on SAMScanner 1.2 and higher. These settings are ignored by earlier versions of SAMScanner. SAMScanner 1.2.0.2 is not supported on Windows NT 4. Computers running Windows NT 4 will not be relevant to upgrade to SAMScanner 1.2, but can continue to run the earlier versions.