Unified Agent - Binary Matching

The Unified Agent employs three detection methods outlined in Getting Started with the Unified Agent | Detection-Methods. One of the methods of the filesystem scan is binary match detection, which primarily supports operating system packages like .deb, .rpm, etc., and application binaries such as .jar, .dll, .whl, etc. Additionally, the Unified Agent can identify archive files like .war, .ear, .zip, .tgz, etc., through binary matching. By default, archive extraction is disabled, meaning libraries from these files won't be detected unless archive extraction is enabled.

It is more effective to locate these binary types post-build within a container using the Mend CLI image scanning tool. Considering these factors, it's advisable either to disable binary matching in the Unified Agent following the instructions below or switch to using the CLI for Software Composition Analysis (SCA) and Image scanning.

Disabling Binary Matching

Binary matching as a part of the filesystem scan can be turned off by updating the excludes parameter with the following configuration. This keeps the default excludes and adds all Unified Agent supported binaries to the excludes list.

Environment Parameters

WS_EXCLUDES=**/.*,**/node_modules,**/src/test,**/testdata,**/*sources.jar,**/*javadoc.jar,**/*.jar,**/*.war,**/*.ear,**/*.aar,**/*.dll,**/*.exe,**/*.msi,**/*.nupkg,**/*.egg,**/*.whl,**/*.tar.gz,**/*.gem,**/*.deb,**/*.udeb,**/*.dmg,**/*.drpm,**/*.rpm,**/*.pkg.tar.xz,**/*.apk,**/*.swf,**/*.swc,**/*.air,**/*.apk,**/*.zip,**/*.gzip,**/*.tar.bz2,**/*.tgz

Config File

excludes=**/.*,**/node_modules,**/src/test,**/testdata,**/*sources.jar,**/*javadoc.jar,**/*.jar,**/*.war,**/*.ear,**/*.aar,**/*.dll,**/*.exe,**/*.msi,**/*.nupkg,**/*.egg,**/*.whl,**/*.tar.gz,**/*.gem,**/*.deb,**/*.udeb,**/*.dmg,**/*.drpm,**/*.rpm,**/*.pkg.tar.xz,**/*.apk,**/*.swf,**/*.swc,**/*.air,**/*.apk,**/*.zip,**/*.gzip,**/*.tar.bz2,**/*.tgz