Anti-Virus and Hips Exclusion

If you have Anti-Virus or HIPS software installed on the Cloud Agent host, it may interfere with Cloud Agent's functioning. To avoid this conflict, exclude the following files, directories, and processes from all security software installed on the system.

Directory list used by Cloud Agent installation

/etc

/etc/init.d

/etc/qualys

/etc/qualys/cloud-agent

/etc/qualys/cloud-agent/.centos

/etc/qualys/cloud-agent/cert

/etc/qualys/cloud-agent/.suse

/etc/qualys/cloud-agent/.systemd

/usr/local

/usr/local/qualys

/usr/local/qualys/cloud-agent

/usr/local/qualys/cloud-agent/bin

/usr/local/qualys/cloud-agent/lib

/usr/share/doc

/usr/share/doc/qualys-cloud-agent-<version>

/opt/qualys -  Stores AIX Cloud Agent logs only

/var/opt - Stores the Cloud Agent log files

/var/spool -  Stores the FIM and EDR data

/etc/init.d/  - Stores the Cloud Agent error data

Agent Daemon Pocess “qualys-cloud-agent”

The agent runs as a daemon process “qualys-cloud-agent.”

The agent runs various read-only commands during the scanning process. These are the same commands that run during a scan using a scanner appliance. Learn more

https://community.qualys.com/message/16520

Some transient files are created during agent execution

• To store the current Cloud Agent configuration: /usr/local/qualys/cloud-agent/Config.db
• To contain the manifests used during the agent-based scans: /usr/local/qualys/cloud-agent/manifests/*.db