Configuration (top)

Root element of Snow inventory configuration file.
An element with minOccurs="0" that isn't presented in the xml file will have a Null value.
Every system shall have a default settings.xml file that decides what value should be the default if none is given.
The order the client should do this is to first read the default xml file and after that write over these values with the values in the users xml file.
Note that the elements in the configuration file are case sensitive.

<Configuration>
  <Agent>...</Agent>
  <Schedule>...</Schedule>
  <Meter>...</Meter>
  <Software>...</Software>
  <Registry>...</Registry>
  <Logging>...</Logging>
  <Server>...</Server>
  <DropLocation>...</DropLocation>
  <Oracle>...</Oracle>
  <SystemSettings>...</SystemSettings>
  <Environment>...</Environment>
  <SudoCommands>...</SudoCommands>
</Configuration>

Attributes

None.

Child Elements

Element	Description
Agent	Required element. Basic information about the agent deployment. Such a site and configuration name.
Schedule	Optional element. Only applicable to the Windows Agent. Schedule tasks to run on a recurring interval. The element must be provided in the configuration for automatic scans to be performed.
Meter	Optional element. Only applicable to the Windows Agent. Metering rules.
Software	Optional element. Defines what should be included in the clients next scan. Note software is included from the following locations by default in the Windows operating system: Desktop, user profile, start menu, uninstall information and running processes.
Registry	Optional element. Only applicable to the Windows Agent. Include additional information from the Windows Registry in the scan result.
Logging	Control the log output.
Server	Required element. Specify server endpoints. Each endpoint represents a possible path for the agent to the server.
DropLocation	A drop location can be a folder, HTTP endpoint or UNC file path and specifies an additional delivery location for scan results. Only used when the agent normally sends the result to the server. Drop locations are not subject to retry policies, if a drop location does not receive the scan result (for any reason) the scan result will not be resent to that drop location at a later date.
Oracle	Information used in the SIOS component for Oracle database inventory.
SystemSettings	System settings that override the default behavior of the agent. Use with care.
Environment	Element containing control directives regarding environment data.
SudoCommands	Optional element. Only applicable to the UNIX Agent. List of commands that are allowed to be elevated to root using sudo.

Agent (top)

Required element.
Basic information about the agent deployment. Such a site and configuration name.

<Agent>
  <SiteName>...</SiteName>
  <ConfigName>...</ConfigName>
</Agent>

Attributes

None.

Child Elements

Element	Description
SiteName	Required element. The name of the site that the agent belongs to. The site is used to identify the origin of the data files when transmitted to the server.
ConfigName	Required element. Name of configuration.

Schedule (top)

Optional element. Only applicable to the Windows Agent.
Schedule tasks to run on a recurring interval.
The element must be provided in the configuration for automatic scans to be performed.

<Schedule enabled="...">
  <Task>...</Task>
</Schedule>

Attributes

Attribute	Description
enabled	Acceptable value: true or false

Child Elements

Element	Description
Task	List of tasks that the client should perform. Can be empty.

Task (top)

The task that will be run by the agent.

<Task>
  <Action>...</Action>
  <Occurance>...</Occurance>
  <TimeOfDay>...</TimeOfDay>
  <Randomize>...</Randomize>
</Task>

Attributes

None.

Child Elements

Element

Description

Action

Required element.
Action to be performed

reserved	Reserved
scan	Required element. Performs a scan of the machine and sends the result the to server.

Occurance

Required element.

TimeOfDay

Optional element.
Examples: 09:10, 09:10:30, PT09H10M
For backwards compatibility, the format is very flexible. Any string containing two digits followed by a delimiter and two more digits is accepted.
Scheduling works on a resolution of minutes. Seconds are ignored.

Randomize

Optional element. Only applicable to daily, weekly and monthly schedule types.
The allowed maximum number of minutes offset from time of day when a scan should occur on schedule.
A grater value can help spread out the load on server infrastructure as it is unlikey that many agents will then report back simultaneously.

Occurance (top)

How often to stage a certain task.

<Occurance>
  <AtStart>...</AtStart>
  <Daily>...</Daily>
  <Weekly>...</Weekly>
  <Monthly>...</Monthly>
</Occurance>

Attributes

None.

Child Elements

Element

Description

AtStart

Optional element. If used values: true/false
Will stage task at start of Agent (service init).

Daily

Optional element. If used values: true/false
Do the action on a daily basis.

Weekly

Optional element.
Do the action on a weekly basis. Allowed values: monday tuesday wednesday thursday friday saturday sunday

monday
tuesday
wednesday
thursday
friday
saturday
sunday

Monthly

Optional element.
The day of month the task will be executed.
If the day of the month is outside the range of that month, run action the last day in that month.
For example in February this would become the 28th or 29th.
Example: 30

AtStart (top)

Optional element. If used values: true/false
Will stage task at start of Agent (service init).

<AtStart />

Attributes

None.

Child Elements

None.

Meter (top)

Optional element. Only applicable to the Windows Agent.
Metering rules.

<Meter enabled="...">
  <Exclude>...</Exclude>
  <Span>...</Span>
  <Occurance>...</Occurance>
</Meter>

Attributes

Attribute	Description
enabled	Acceptable value: true/false

Child Elements

Element	Description
Exclude	Optional element. Specifies what software should be excluded from scan.
Span	Required element. Time span for metering.
Occurance	Required element. List of days when metering should be done.

Exclude (top)

Optional element.
Specifies what software should be excluded from scan.

<Exclude>
  <Path>...</Path>
</Exclude>

Attributes

None.

Child Elements

Element	Description
Path	Optional element Exclude software based on a set of simple string matching rules. For example: - `.dll` exclude all software that ends with the `.dll` extension - `C:\Windows\` exclude all software that is run from the `C:\Windows` directory Note that exclusion does not impact unconditional include paths.

Span (top)

<Span>
  <StartTime>...</StartTime>
  <EndTime>...</EndTime>
</Span>

Attributes

None.

Child Elements

Element	Description
StartTime	Required element. Example: PT09H10 All components (PThhHmmM) are required!
EndTime	Required element. Example: PT09H10 All components (PThhHmmM) are required!

Occurance (top)

<Occurance>
  <Weekday>...</Weekday>
</Occurance>

Attributes

None.

Child Elements

Element

Description

Weekday

Optional element.
Specify day(s) that metering will occur on.

monday
tuesday
wednesday
thursday
friday
saturday
sunday

Software (top)

Optional element.
Defines what should be included in the clients next scan.

Note software is included from the following locations by default in the Windows operating system:
Desktop, user profile, start menu, uninstall information and running processes.

<Software>
  <Include>...</Include>
  <IncludeCriteria>...</IncludeCriteria>
  <Exclude>...</Exclude>
</Software>

Attributes

None.

Child Elements

Element	Description
Include	Optional element. Specifies what software should be included in scan based on file system locations.
IncludeCriteria	Optional element. Additional criteria that must be fulfilled for software to be included in the result. For each type of criteria, at least one (if any) of the criterias must match. For example, if multiple extensions have been specified it's enough if one extension matches but if extensions and manufacturers have both been specified there has to be at least one matching extension and manufacturer.
Exclude	Optional element. Specifies what software should be excluded from scan.

Include (top)

Optional element.
Specifies what software should be included in scan based on file system locations.

<Include>
  <Path>...</Path>
</Include>

Attributes

None.

Child Elements

Element	Description
Path	Each path is a search expression that is used to locate software based on the file system information. If no path is specified, software information from any locally attached (or mounted) disk will be included. Note that unless any exclude paths have been specified a complete file system scan will take place. It could take a while... and impact system performance for the duration of the scan.

Path (top)

Each path is a search expression that is used to locate software based on the file system information.
For example:
- C:\Windows\* matches all files located in the C:\Windows directory
- C:\Windows\*.log matches all .log files located in the C:\Windows directory

<Path recursive="..." unconditionally="..." />

Attributes

Attribute	Description
recursive	Optional element. Specifies whether to use the path to search recursively for files. For example when recursive=true: - `C:\Windows\*.log` matches all `.log` files located in the `C:\Windows` directory and all sub directories. Acceptable value: true or false Default: false
unconditionally	Optional element. If used values: true/false Specifies whether to include the files found regardless of any exclusion filter. Acceptable value: true or false Default: false

Child Elements

None.

IncludeCriteria (top)

Optional element.
Additional criteria that must be fulfilled for software to be included in the result.
For each type of criteria, at least one (if any) of the criterias must match.
For example, if multiple extensions have been specified it's enough if one extension matches but if extensions and manufacturers have both been specified there has to be at least one matching extension and manufacturer.

<IncludeCriteria enabled="...">
  <Manufacturer>...</Manufacturer>
  <FileSystem>...</FileSystem>
  <FileType>...</FileType>
</IncludeCriteria>

Attributes

Attribute	Description
enabled	Acceptable value: true/false

Child Elements

Element	Description
Manufacturer	Only applicable to the Windows Agent. Optional element. May be specified multiple times. If software is to be included it must match at least one manufacturer filter. NOTE: The manufacturer criteria can only be applied if the manufacturer can be determined.
FileSystem	Optional element. May be specified multiple times. Only applicable to UNIX agent. If scanning for software reaches a directory that is a mount point the scanning will not continue scanning the directory further if the file system isn't listed. Example: jsf
FileType	Optional element. May be specified multiple times. If software is to be included it must match one of the file types specified. Unix: Example: "ELFexecutable", as reported by the file-command. Supports wildcard matching. Windows: file extensions, defaults are: exe, wfd, wfi, wtd, sys2, lnk Not applicable for Linux & macOS.

Exclude (top)

Optional element.
Specifies what software should be excluded from scan.

<Exclude>
  <Path>...</Path>
  <FileSystem>...</FileSystem>
</Exclude>

Attributes

None.

Child Elements

Element Description

Element	Description
Path	Optional element. May be specified multiple times. Exclude software based on a set of simple string matching rules. For example: - `.dll` exclude all software that ends with the `.dll` extension - `C:\Windows\` exclude all software that is run from the `C:\Windows` directory - `/some/path/*` exclude software beneath the /some/path directory Note that exclusion does not impact unconditional include paths.
FileSystem	Optional element. May be specified multiple times. Only applicable to the Linux and OSX Agent. If software is to be excluded based on file system type.

Path

Optional element. May be specified multiple times.
Exclude software based on a set of simple string matching rules.
For example:
- *.dll exclude all software that ends with the .dll extension
- C:\Windows\* exclude all software that is run from the C:\Windows directory
- /some/path/* exclude software beneath the /some/path directory

Note that exclusion does not impact unconditional include paths.

FileSystem

Optional element. May be specified multiple times. Only applicable to the Linux and OSX Agent.
If software is to be excluded based on file system type.

Registry (top)

Optional element. Only applicable to the Windows Agent.
Include additional information from the Windows Registry in the scan result.

<Registry enabled="...">
  <Query>...</Query>
</Registry>

Attributes

Attribute	Description
enabled	Acceptable value: true/false

Child Elements

Element	Description
Query	Represents a registry query.

Query (top)

Represents a registry query (Windows specific). The query will be used to search for a set of values that will be included as custom registry information in the scan result.

<Query>
  <Key>...</Key>
  <Value>...</Value>
</Query>

Attributes

None.

Child Elements

Element	Description
Key	Required element. The sub key (and registry hive) to scan. Example: HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT
Value	Required element. May be specified multiple times. Each value represents the name of a value and if found at any location during query will result in that value being included in the scan result. Example: Version

Key (top)

Required element.
The sub key (and registry hive) to scan.
Example: HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT

<Key recursive="..." />

Attributes

Attribute	Description
recursive	Optional element. If used values: true/false Specifies whether to perform a recursive search starting at the sub key specified. Note that it may take considerable time to perform a recursive scan, if the starting point is a key with many items underneath it. Use recursive queries sparsely. Acceptable value: true/false

Child Elements

None.

Logging (top)

Control the log output.

<Logging>
  <MaxSize>...</MaxSize>
  <Level>...</Level>
  <Tag>...</Tag>
  <Syslog>...</Syslog>
</Logging>

Attributes

None.

Child Elements

Element Description

MaxSize

Optional element.
Maximum allowed file size of the log file in KiB. Default: Windows/Linux/macOS: 2048 Unix: 16384

Level

Optional element.
Specify log level. Each log level includes the preceeding log level. Allowed values: error warning info trace verbose Default: error

error
warning
info
trace
verbose

Tag

Optional element.
Enable tagged log output. Tagged log output represents logging of a specific type or source and log independently of any log level set.
Some tags (such as the metering tag) are very verbose and should only be enabled during troubleshooting of any metering related issue.
The following is a complete list of supported tags:
- privop (privileged operation). All external commands that run with any form of elevation (administrative access rights) are logged with this tag.
- metering Verbose logging about current software metering.

Syslog

Optional element. Only applicable to the POSIX Agent.
Control the syslog output.

Syslog (top)

Optional element. Only applicable to the POSIX Agent.
Control the syslog output.

<Syslog enabled="...">
  <Level>...</Level>
  <Tag>...</Tag>
</Syslog>

Attributes

Attribute	Description
enabled	Acceptable value: true or false Default: false

Child Elements

Element Description

Level

Optional element.
Specify log level. Each log level includes the preceeding log level. Allowed values: error warning info trace verbose Default: error

error
warning
info
trace
verbose

Tag

Server (top)

Specify server endpoints. Each endpoint represents a possible path for the agent to the server.

Remarks
When establishing a connection to the server the agent simply choses an endpoint randomly from the list of available endpoints until each endpoint has been atempted at least once before giving up. The first endpoint that results in a successfull connection will be used for the remainder of the session.

<Server>
  <Endpoint>...</Endpoint>
</Server>

Attributes

None.

Child Elements

Element	Description
Endpoint	Required element. May be specified multiple times. A server endpoint that the agent will use to connect to the server infrastructure.

Endpoint (top)

<Endpoint>
  <Address>...</Address>
  <Proxy>...</Proxy>
  <ClientCertificate>...</ClientCertificate>
  <ServerPublicKeyHash>...</ServerPublicKeyHash>
</Endpoint>

Attributes

None.

Child Elements

Element	Description
Address	Required element. Specify the server URI in the following format: `scheme://hostname:port/`. supported URI schemes are `http` and `https`.
Proxy	Optional element. Proxy settings to use for this endpoint. If proxy settings are not specified any proxy server support is explicitly disabled for this endpoint.
ClientCertificate	Optional element. The client certificate used to secure the connection between agent and server.
ServerPublicKeyHash	Base64-encoded sha256 hash of the Inventory server certificate public key. The string should start with "sha256//" I.e.: sha256//YhKJKSzoTt2b5FP18fvpHo7fJYqQCjAa3HWY3tvRMwE=

Proxy (top)

Optional element.
Proxy settings to use for this endpoint. If proxy settings are not specified any proxy server support is explicitly disabled for this endpoint.

<Proxy>
  <Server>...</Server>
  <Credentials>...</Credentials>
</Proxy>

Attributes

None.

Child Elements

Element	Description
Server	Required element. Specify the address for this proxy server.
Credentials	Optional element. Credentials used to authenticate connection with HTTP proxy server. NOTE: Only basic authentication is supported.

Credentials (top)

Optional element.
Credentials used to authenticate connection with HTTP proxy server.

NOTE: Only basic authentication is supported.

<Credentials>
  <UserName>...</UserName>
  <Password>...</Password>
</Credentials>

Attributes

None.

Child Elements

Element	Description
UserName
Password	Note that the password is always stored in an encrypted form.

ClientCertificate (top)

Optional element.
The client certificate used to secure the connection between agent and server.

<ClientCertificate>
  <FileName>...</FileName>
  <Password>...</Password>
</ClientCertificate>

Attributes

None.

Child Elements

Element	Description
FileName	The file name of a client certificate to use (relative the current installation location).
Password	The password to use if the client certificate has been password protected. Note that the password is always stored in an encrypted form.

DropLocation (top)

A drop location can be a folder, HTTP endpoint or UNC file path and specifies an additional delivery location for scan results. Only used when the agent normally sends the result to the server.

Drop locations are not subject to retry policies, if a drop location does not receive the scan result (for any reason) the scan result will not be resent to that drop location at a later date.

<DropLocation>
  <Network>...</Network>
  <Path>...</Path>
  <Endpoint>...</Endpoint>
</DropLocation>

Attributes

None.

Child Elements

Element	Description
Network	Optional element. May be specified multiple times. Only applicable to the Windows Agent.
Path	Optional element. May be specified multiple times. Example: \server\folder
Endpoint

Network (top)

<Network>
  <Credentials>...</Credentials>
  <Location>...</Location>
</Network>

Attributes

None.

Child Elements

Element	Description
Credentials	Credentials to use when connecting to a network share as a specific user.
Location

Credentials (top)

Credentials to use when connecting to a network share as a specific user.

<Credentials>
  <Domain>...</Domain>
  <UserName>...</UserName>
  <Password>...</Password>
</Credentials>

Attributes

None.

Child Elements

Element	Description
Domain
UserName
Password

Endpoint (top)

<Endpoint>
  <Address>...</Address>
  <Proxy>...</Proxy>
  <ClientCertificate>...</ClientCertificate>
  <ServerPublicKeyHash>...</ServerPublicKeyHash>
</Endpoint>

Attributes

None.

Child Elements

Element	Description
Address	Required element. Specify the server URI in the following format: `scheme://hostname:port/`. supported URI schemes are `http` and `https`.
Proxy	Optional element. Proxy settings to use for this endpoint. If proxy settings are not specified any proxy server support is explicitly disabled for this endpoint.
ClientCertificate	Optional element. The client certificate used to secure the connection between agent and server.
ServerPublicKeyHash	Base64-encoded sha256 hash of the Inventory server certificate public key. The string should start with "sha256//" I.e.: sha256//YhKJKSzoTt2b5FP18fvpHo7fJYqQCjAa3HWY3tvRMwE=

Proxy (top)

Optional element.
Proxy settings to use for this endpoint. If proxy settings are not specified any proxy server support is explicitly disabled for this endpoint.

<Proxy>
  <Server>...</Server>
  <Credentials>...</Credentials>
</Proxy>

Attributes

None.

Child Elements

Element	Description
Server	Required element. Specify the address for this proxy server.
Credentials	Optional element. Credentials used to authenticate connection with HTTP proxy server. NOTE: Only basic authentication is supported.

Credentials (top)

Optional element.
Credentials used to authenticate connection with HTTP proxy server.

NOTE: Only basic authentication is supported.

<Credentials>
  <UserName>...</UserName>
  <Password>...</Password>
</Credentials>

Attributes

None.

Child Elements

Element	Description
UserName
Password	Note that the password is always stored in an encrypted form.

ClientCertificate (top)

Optional element.
The client certificate used to secure the connection between agent and server.

<ClientCertificate>
  <FileName>...</FileName>
  <Password>...</Password>
</ClientCertificate>

Attributes

None.

Child Elements

Element	Description
FileName	The file name of a client certificate to use (relative the current installation location).
Password	The password to use if the client certificate has been password protected. Note that the password is always stored in an encrypted form.

Oracle (top)

Information used in the SIOS component for Oracle database inventory.

<Oracle enabled="..." debug="...">
  <Environment>...</Environment>
  <DefaultInstanceCredentials>...</DefaultInstanceCredentials>
  <Oratab>...</Oratab>
  <InstancesWithConfiguration>...</InstancesWithConfiguration>
  <Include>...</Include>
  <Exclude>...</Exclude>
</Oracle>

Attributes

Attribute	Description
enabled	Acceptable value: true/false
debug	Determines if additional information is included in the snowpack for diagnostic purposes. Acceptable value: true/false

Child Elements

Element	Description
Environment
DefaultInstanceCredentials	Credentials used in all oracle scans if there is no specific credentials for a SID. May be left out if automatic scan is used or instance specific credentials are entered.
Oratab	Specifies the location of the Oratab file to be used to read ORACLE HOME from. This setting is overridden by an OracleHome-element in the Instance-element.
InstancesWithConfiguration
Include	List of what should be included in the Oracle database scan.
Exclude	List of what should be excluded from the Oracle database scan.

Environment (top)

<Environment>
  <Item>...</Item>
</Environment>

Attributes

None.

Child Elements

Element	Description
Item	Specifies a single environment variable to be set.

Item (top)

Specifies a single environment variable to be set.

<Item variable="..." value="..." />

Attributes

Attribute	Description
variable
value

Child Elements

None.

DefaultInstanceCredentials (top)

<DefaultInstanceCredentials UseTNS="...">
  <UserName>...</UserName>
  <Password>...</Password>
</DefaultInstanceCredentials>

Attributes

Attribute	Description
UseTNS

Child Elements

Element	Description
UserName
Password

InstancesWithConfiguration (top)

<InstancesWithConfiguration>
  <Instance>...</Instance>
</InstancesWithConfiguration>

Attributes

None.

Child Elements

Element	Description
Instance

Instance (top)

Defines the SID and can also contain credentials for the SID. You can also point to an Oracle home path.

<Instance>
  <SID>...</SID>
  <Credentials>...</Credentials>
  <OracleHome>...</OracleHome>
  <Environment>...</Environment>
  <UnixUser>...</UnixUser>
</Instance>

Attributes

None.

Child Elements

Element	Description
SID
Credentials	Optional element.
OracleHome	Optional. Path to the Oracle home directory. Used if the scanner canâ€™t find the path automatically.
Environment
UnixUser

Credentials (top)

<Credentials UseTNS="...">
  <UserName>...</UserName>
  <Password>...</Password>
</Credentials>

Attributes

Attribute	Description
UseTNS

Child Elements

Element	Description
UserName
Password

Environment (top)

<Environment>
  <Item>...</Item>
</Environment>

Attributes

None.

Child Elements

Element	Description
Item	Specifies a single environment variable to be set.

Item (top)

Specifies a single environment variable to be set.

<Item variable="..." value="..." />

Attributes

Attribute	Description
variable
value

Child Elements

None.

Include (top)

List of what should be included in the Oracle database scan.

<Include>
  <AllInstances>...</AllInstances>
  <Instance>...</Instance>
</Include>

Attributes

None.

Child Elements

Element	Description
AllInstances	True if all instances should be found and scanned.
Instance

Instance (top)

Defines the SID and can also contain credentials for the SID. You can also point to an Oracle home path.

<Instance>
  <SID>...</SID>
  <Credentials>...</Credentials>
  <OracleHome>...</OracleHome>
  <Environment>...</Environment>
  <UnixUser>...</UnixUser>
</Instance>

Attributes

None.

Child Elements

Element	Description
SID
Credentials	Optional element.
OracleHome	Optional. Path to the Oracle home directory. Used if the scanner canâ€™t find the path automatically.
Environment
UnixUser

Credentials (top)

<Credentials UseTNS="...">
  <UserName>...</UserName>
  <Password>...</Password>
</Credentials>

Attributes

Attribute	Description
UseTNS

Child Elements

Element	Description
UserName
Password

Environment (top)

<Environment>
  <Item>...</Item>
</Environment>

Attributes

None.

Child Elements

Element	Description
Item	Specifies a single environment variable to be set.

Item (top)

Specifies a single environment variable to be set.

<Item variable="..." value="..." />

Attributes

Attribute	Description
variable
value

Child Elements

None.

Exclude (top)

List of what should be excluded from the Oracle database scan.

<Exclude>
  <Instance>...</Instance>
</Exclude>

Attributes

None.

Child Elements

Element	Description
Instance

Instance (top)

Defines the SID and can also contain credentials for the SID. You can also point to an Oracle home path.

<Instance>
  <SID>...</SID>
  <Credentials>...</Credentials>
  <OracleHome>...</OracleHome>
  <Environment>...</Environment>
  <UnixUser>...</UnixUser>
</Instance>

Attributes

None.

Child Elements

Element	Description
SID
Credentials	Optional element.
OracleHome	Optional. Path to the Oracle home directory. Used if the scanner canâ€™t find the path automatically.
Environment
UnixUser

Credentials (top)

<Credentials UseTNS="...">
  <UserName>...</UserName>
  <Password>...</Password>
</Credentials>

Attributes

Attribute	Description
UseTNS

Child Elements

Element	Description
UserName
Password

Environment (top)

<Environment>
  <Item>...</Item>
</Environment>

Attributes

None.

Child Elements

Element	Description
Item	Specifies a single environment variable to be set.

Item (top)

Specifies a single environment variable to be set.

<Item variable="..." value="..." />

Attributes

Attribute	Description
variable
value

Child Elements

None.

SystemSettings (top)

System settings that override the default behavior of the agent. Use with care.

<SystemSettings>
  <Setting>...</Setting>
</SystemSettings>

Attributes

None.

Child Elements

Element	Description
Setting

Setting (top)

<Setting key="..." value="..." />

Attributes

Attribute

Description

key

The name of a system setting to set to some value. Acceptable values depend on the type of setting. See remarks about each setting for more information.

reserved	Reserved
privacy.hide_user	Replace the user name (anywhere present) with SHA-1 hash of the user name (UTF-8 byte representation). Only applicable to the Windows and POSIX Agents. Acceptable value: true/false Default value: false
privacy.hide_ip	Replace the IP address (anywhere present) with SHA-1 hash of the IP address (UTF-8 byte representation). Only applicable to the Windows and POSIX Agents. Acceptable value: true/false Default value: false
env.allowonlyonescanperday	Only applicable to the Linux and OS X Agent. If set, only one scan per day will be allowed by the agent. Acceptable value: true/false Default: false
env.emulate_os	For Snow internal use only. Used in SIAU. This value will decide what operating system and hardware will be used. It is the filename that is derived from this value that decides type of system. All mock files are placed in a directory named mockfiles. In that directory files named: mockfileemulatedos_operation are placed and read instead of the corresponding operating system command.
env.java_home	If path to java can't be found or an incompatible version is set as default, this value can be used to identify a correct version.
env.shell	Optional. Used as a solution to problems with the standard shell installed. Points to a shell. Example: /bin/bash
env.data_dir	If specified, overrides the directory in which the agent will store data files, such as scan results and metering (when applicable). Defaults to a sub directory 'data' from where the agent is run. The agent must have read and write access to this directory.
env.temp_dir	If specified, overrides the directory where the agent will store temporary data files. Defaults to system default temporary directory. The agent must have read and write access to this directory.
env.log_dir	If specified, overrides the default log directory where the agent will store log files. Defaults to a sub directory 'data' from where the agent is run. The agent must have read and write access to this directory.
http.ssl_verify	If false, the agent will not verify that any certificate used to secure communication is issued by a trusted certificate authority (CA). This setting is enabled by default and must be explicitly disabled if necessary. Acceptable value: true/false Default: true
http.ssl_capath	Only applicable to the Linux and macOS Agent. Must be specified to use SSL/TLS. Specify the PEM file containing the Certificate or Certificate bundle. Equivalent to the curl flag --cacert Example: /etc/ssl/certs/mycert.pem
http.timeout	The timout in seconds for requests to the server endpoint. Default value: 15
log.append	If true, the logfile will not be cleared upon a completed scan, i.e. it will be appended upon. This will cause subsequent snowpacks to contain log information from multiple scans. Default value: false Acceptable value: true/false
software.scan.dpkg	Include information from the Debian package manager about installed software. Acceptable value: true/false Default: false
software.scan.jar	Not applicable to the Unix Agent Enable software scan by scanning the metadata found in Java Archive (JAR) files. Acceptable value: true/false Default: true
software.scan.rpm	Include information from the Red Hat package manager about installed software. Acceptable value: true/false Default: false
software.scan.ips	Include information from the Image Packaging System (IPS). Applicable to Solaris 11 and later. Acceptable value: true/false Default: true
software.scan.svr4	Include information from SVR4 packages. Applicable to Solaris 10 and previous versions. Acceptable value: true/false Default: true
software.scan.lpp	Include information from Licensed Program Products. Applicable to AIX systems. Acceptable value: true/false Default: true
software.scan.sd	Include information from Software Distributor. Applicable to HP-UX systems. Acceptable value: true/false Default: true
software.scan.running_processes	Applicable only to Linux and Unix agents. Scans running processes and adds them to the software scanning result, as a file system scan would. If used with file system scan, there is no distinction made between the results. A program found running and in a file system scan will be the same. Acceptable value: true/false Default: true
software.scan.add_latency	Defined in microseconds. When reading or processing large amounts of data/objects, add some extra latency between the objects to prevent the system from spending too much resource on this process. This might also be a good solution when scanning exceptionally fast drives, to keep the CPU usage down Allowed values: n >= 0, where n is in micro seconds. Default: 0
software.scan.enabled	Only applicable to the Windows Agent. If disabled will override all software.scan.* settings Acceptable value: true/false Default: true
software.scan.swidtags	Only applicable to the Windows Agent. Disable or enable scanning of swid tags Acceptable value: true/false Default: true
hardware.scan.enabled	Only applicable to the Windows Agent. Disable or enable scanning of hardware, this will override any individual hardware.scan.* setting. Acceptable value: true/false Default: true
hardware.scan.device	Only applicable to the Windows Agent. Disable or enable scanning of installed device drivers Acceptable value: true/false Default: true
hardware.scan.networkadapter	Only applicable to the Windows Agent. Disable or enable scanning of network adapters Acceptable value: true/false Default: true
software.scan.userscan	Only applicable to the Windows Agent. If disabled will override: software.scan.environmentvariables, software.scan.fileshare, hardware.scan.printer Acceptable value: true/false Default: true
software.scan.environmentvariables	Only applicable to the Windows Agent. Disable or enable scanning of environment variables Acceptable value: true/false Default: true
software.scan.fileshare	Only applicable to the Windows Agent. Disable or enable scanning of network shares Acceptable value: true/false Default: true
hardware.scan.printer	Only applicable to the Windows Agent. Disable or enable scanning of printers that are setup on the system Acceptable value: true/false Default: true
hardware.scan.displayadapter	Only applicable to the Windows Agent. Disable or enable scanning of inistalled display adapter Acceptable value: true/false Default: true
hardware.scan.expansionslot	Only applicable to the Windows Agent. Legacy support Acceptable value: true/false Default: true
software.scan.fonts	Only applicable to the Windows Agent. Disable or enable scanning of installed fonts Acceptable value: true/false Default: true
software.scan.ignore_bind_mounts	Only applicable to the Linux Agent. If true, the agent will attempt to find bind mounts and add these to the list of directories to be ignored Acceptable value: true/false Default: false
software.scan.ignore_autofs_mounts	Only applicable to the Linux and Unix agent. If true, the agent will attempt to find detect autofs mounts and add these to the list of directories to be ignored Acceptable value: true/false Default: false
hardware.scan.keyboard	Only applicable to the Windows Agent. Disable or enable scanning of attached keyboard Acceptable value: true/false Default: true
hardware.scan.logicaldisk	Only applicable to the Windows Agent. Disable or enable scanning of logical drives attached Acceptable value: true/false Default: true
software.scan.loginuser	Only applicable to the Windows Agent. Disable or enable scanning of user login history Acceptable value: true/false Default: true
hardware.scan.memory	Only applicable to the Windows Agent. Disable or enable scanning of memory Acceptable value: true/false Default: true
hardware.scan.modem	Only applicable to the Windows Agent. Disable or enable scanning of attached modems Acceptable value: true/false Default: true
hardware.scan.monitor	Only applicable to the Windows Agent. Disable or enable scanning of attached screen Acceptable value: true/false Default: true
hardware.scan.mouse	Only applicable to the Windows Agent. Disable or enable scanning of attached mouse device Acceptable value: true/false Default: true
hardware.scan.multimedia	Only applicable to the Windows Agent. Disable or enable scanning of installed media devices, i.e sound card. Acceptable value: true/false Default: true
software.scan.netclient	Only applicable to the Windows Agent. Disable or enable scanning of network clients or network services Acceptable value: true/false Default: true
software.scan.netprotocol	Only applicable to the Windows Agent. Disable or enable scanning ofNDIS protocols CoNDIS stand-alone call managers Acceptable value: true/false Default: true
software.scan.ntservice	Only applicable to the Windows Agent. Disable or enable scanning of services Acceptable value: true/false Default: true
software.scan.odbc	Only applicable to the Windows Agent. Disable or enable scanning of ODBC data sources and related drivers Acceptable value: true/false Default: true
hardware.scan.pci	Only applicable to the Windows Agent. Disable or enable scanning of pci devices Acceptable value: true/false Default: true
hardware.scan.physicaldisk	Only applicable to the Windows Agent. Disable or enable scanning of attached physical disks Acceptable value: true/false Default: true
hardware.scan.port	Only applicable to the Windows Agent. Disable or enable scanning of COM and LPT ports on the computer Acceptable value: true/false Default: true
hardware.scan.processor	Only applicable to the Windows Agent. Disable or enable scanning of processor Acceptable value: true/false Default: true
hardware.scan.scsi	Only applicable to the Windows Agent. Disable or enable scanning of SCSI devices Acceptable value: true/false Default: true
hardware.scan.tapedrive	Only applicable to the Windows Agent. Disable or enable scanning of attached tape drives Acceptable value: true/false Default: true
hardware.scan.usb	Only applicable to the Windows Agent. Disable or enable scanning of usb devices Acceptable value: true/false Default: true
software.scan.custominfo	Only applicable to the Windows Agent. Currently "Custom reg keys" within the "default behaviour" concept. Acceptable value: true/false Default: true
software.scan.virtualsoftwareinfo	Only applicable to the Windows Agent. Disable or enable scanning of virtual software Acceptable value: true/false Default: true
metering.is_enabled	Only applicable to the Windows Agent. Enable or disable metering. Acceptable value: true/false Default: true
send.max_scan_result_backlog_count	Whenever a send failure occurs the scan result is keept (locally) until the next send opportunity. This setting controls the maximum number of results that can be kept around at any given time. When this limit is reached, the oldest result is delete until the number of scan results are within the allowed limit. Default value: 90
powershell.enabled	Only applicable to the Windows Agent. If true, Powershell scanning scripts will be run. Acceptable value: true/false Default: true
env.powershell_timeout	The time in milliseconds we wait for all powershell scripts to finish. Note, this is for whole session not individual scripts. Minimum: 300000 (5 minutes) Default: 300000 (5 minutes)
powershell.encryption_key	DEPRECATED - Only applicable to the Windows Agent 5 and 6. Custom encryption key for executing .snow-ps1 PowerShell scripts. Must be a 64-symbol uppercase hex-string. I.e. 525CE16E463842F020E516CF9EE32D53ACE8BB1AEEDC961A0A3725EFD9CCE2DD
http.poll_interval	Only applicable to the Windows Agent. The interval in seconds between heartbeats. A heartbeat is a check to see if there are any pending commands to be carried out at this moment. For example, agent updates. The interval must be between 10 minutes and 3 days otherwise the default value of 5400 seconds (90 minutes) is used.
http.poll_variance	Only applicable to the Windows Agent. The variance in seconds for heartbeats. The variance control how many seconds off the interval is allowed per heartbeat. Greater variance means more evenly distributed load. The variance must be between 1 second and the interval. Otherwise the default value of 1800 seconds (30 minutes) is used.
wmi.poll_interval	Only applicable to the Windows Agent. The interval that Windows Management Instrumentation (WMI) uses to poll the data provider for intrinsic events. Default is 15 seconds. A higher poll interval may be useful in Virtual Desktop Infrastructure environments. See https://msdn.microsoft.com/en-us/library/aa394527(v=vs.85).aspx for more information.
env.is_virtual_desktop_infrastructure	Only applicable to the Windows Agent. If the agent is running in a virtual desktop infrastructure this setting should be set to true. Acceptable value: true/false Default value: false
snowpack.encryption_fingerprint	The fingerprint of the encryption key to use for encrypting Snowpacks. Note: You must also place the crypt key file in the folder specified by snowpack.encryption_path. Default: None
snowpack.encryption_path	The path to where the encryption keys are stored. This setting is optional. If not present, the path to the agent itself will be used.
saas.edge.enabled	Set this to: - false to uninstall and prevent installation the Edge browser extension. - enable to enable the extension when installed outside the agent - true to allow the agent to install the Edge browser extension. Acceptable value: true/enable/false Default value: true
saas.chrome.enabled	Set this to: - false to uninstall and prevent installation the Chrome browser extension. - enable to enable the extension when installed outside the agent - true to allow the agent to install the Chrome browser extension. Acceptable value: true/enable/false Default value: true
saas.chrome.enterprise.installation	Only applicable to the macOS Agent. Set this to false to use alternative installation method of the Chrome browser extension, using a preferences file. See https://developer.chrome.com/apps/external_extensions Acceptable value: true/false Default value: true
saas.firefox.enabled	Set this to: - false to uninstall and prevent installation the Firefox browser extension. - enable to enable the extension when installed outside the agent - true to allow the agent to install the Firefox browser extension. Acceptable value: true/enable/false Default value: true
legacy_webmetering.is_enabled	Only applicable to the Windows Agent. If true, the legacy web metering is enabled. Default value: false
disable_all_updates	If true, the agent will not perform any updates operations; no program updates, no SaaS rule updates etc. Not even when run manuall on the commandline. Default value: false
reserved_end	Reserved

value

The value associated with the setting. Note that the format of this value will vary depending on the type of setting. See remarks about each setting for more information.

Child Elements

None.

Environment (top)

Element containing control directives regarding environment data.

<Environment>
  <Ignore>...</Ignore>
</Environment>

Attributes

None.

Child Elements

Element	Description
Ignore	Used to specify an environment variable to ignore when gathering them from the environment. Name is case-sensitive.

SudoCommands (top)

Optional element. Only applicable to the UNIX Agent.
List of commands that are allowed to be elevated to root using sudo.

<SudoCommands>
  <Path>...</Path>
</SudoCommands>

Attributes

None.

Child Elements

Element	Description
Path	Path to command allowed to be elevated using sudo. Example: /usr/bin/file