Configure SwCA Scan Settings
You can configure the software composition analysis scan settings for Windows and Linux assets. The SwCA Scan Profile tab under Configuration contains the default profiles for Windows and Linux agents.
By default, one SwCA scan profile is available for Windows and Linux each.
You can also create customized SwCA scan profiles for Windows and Linux assets. To create a customized profile for the SwCA scan:
- Go to the Configuration tab and click SwCA Scan Profile.
- Click Create > Linux Scan Profile or Windows Scan Profile.
- Enter the required values and click Save.
Check the following sections for Configuring SwCA Scan Profile for your Windows and Linux assets: SwCA Scan Profile - Windows | SwCA Scan Profile - Linux.
SwCA Scan Profile - Windows
To create a new profile for SwCA scan on Windows assets, click Create > Windows Scan Profile.
Enter the following information in the Create New window:
Basic Information
- Enter Name and Description for the new scan profile.
- Scan Interval - Define the interval, in minutes, at which the agent scans the assets associated with this profile. The default value is 10080 minutes.
- If you want to set this scan profile as a default software composition analysis scan profile for your subscription, select the Set this as a default profile for the subscription check box. This will be a user-defined default profile.
Profile Settings
You can define the scope for the SwCA scan by adding directories to be included in the scan. You can also specify the files or directories that you want to exclude from the scan.
- Directories Included - You can define the directories to be included in the scan. By default, the */ directory is included for scan. You can enter multiple directories separated by comma. SwCA scans only the local drives of Windows assets.
Ensure that only the absolute path is supported. The field does not support wildcard characters and regular expressions.Include only specific directories in the scan scope to reduce CPU and memory consumption.
- Directories/Files to be excluded - You can exclude specific files or directories from the SwCA scan. To define the files/directories to be excluded, you can enter multiple directories separated by a comma.
Ensure that only the absolute path is supported. The field does not support wildcard characters and regular expressions.Exclude the directories that do contain relevant data for SwCA scan to reduce CPU memory consumption.
- Scan Time Out- Define the maximum time after which the scan is terminated. The default value is 120 minutes.
- CPU Usage- Enter the maximum CPU consumption allowed for the SCA scan process. However, a momentary spike can occur in CPU usage.
- Run Quick Scan- Select the check box to run a scan on the running processes.
Click Save to save the scan settings configured.
SwCA Scan Profile - Linux
To create a new profile for SwCA scan on Linux assets, click Create > Linux Scan Profile.
Enter the following information in the Create New window:
Basic Information
- Enter Name and Description for the new scan profile.
- Scan Interval- Define the interval, in minutes, at which the agent scans the assets associated with this profile. The default value is 10080 minutes.
- If you want to set this scan profile as a default software composition analysis scan profile for your subscription, select the Set this as a default profile for the subscription check box. This will be a user-defined default profile.
Profile Settings
You can define the scope for the SwCA scan by adding directories to be included in the scan. You can also specify the files or directories that you want to exclude from the scan.
- Directories Included - You can define the directories to be included in the scan. By default, the */ directory is included for scan. You can enter multiple directories separated by comma.
By default, root is included in the Linux Scan profile. However, the following common network file systems are excluded from SwCA scan:
- afs
- cifs
- fuse.sshfs
- gfs
- gfs2
- nfs
- nfs4
- nfsd
- safenetfs
- secfs
- smb2
- smbfs
- vxfs
- vxodmfs
Ensure that only absolute path is supported. The field does not support wildcard characters and regular expressions.Include only specific directories in the scan scope to reduce CPU and memory consumption.
- Directories/Files to be excluded - You can exclude specific files or directories from the SwCA scan. To define the files/directories to be excluded, you can enter multiple directories separated by comma.
Ensure that only the absolute path is supported. The field does not support wildcard characters and regular expressions.Exclude the directories that do not contain relevant data for SwCA scan to reduce CPU memory consumption.
- Scan Time Out - Define the maximum time after which the scan is terminated. The default value is 120 minutes.
- CPU Usage - Enter the maximum CPU consumption allowed for the SCA scan process. However, a momentary spike can occur in CPU usage.
- Disable Internet Access- Turn the Disable Internet Access on or off to disconnect or connect to the Internet. When internet connectivity is enabled, the SCA process can connect to the Maven repository to gather additional information to analyze Java artifacts.
Click Save to save the SwCA scan settings that you have configured.