FNMS Inventory - Best Practices

patrick_quinla · ‎Jul 19, 2021

Good Morning,

I've been made aware of a possible conflict that Mgssecsvc.exe is causing with another scanning agent that we have in our environment. I've been asked to put in an exclusion. This has caused me to review our Inventory Settings and I want to make sure I'm following best practices.

For Windows, Mac, and Linux I am NOT collecting File Evidence. These settings were configured when we installed FNMS a few years ago. I'm unable to exclude things without first enabling the File Evidence collection.

So, in regards to File Evidence, what best practices are there that I should be considering?

ChrisG · ‎Jul 20, 2021

First of all, consider whether you should gather file evidence. This is a hard question to answer as without this data you don't know what you don't know - but ultimately you can expect only a very small fraction of all application installations will get recognized based on file evidence. That particularly applies on Windows operating systems (as opposed to Unix-like operating systems), where just about all recognition rules are based on installer evidence.

With that said, some particular applications you are interested in may require file evidence to be gathered, so it could be important.

Here are examples of directories (from UNIX-like operating systems) which you may wish to consider excluding from scanning. These examples are based on them being observed in some environments to contain very large numbers of executable files that are not relevant for recognizing installed applications:

/var/spool
/var/log

Here are a couple of other threads in Flexera Community which touch on this topic:

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)