Skip to main content
Skip table of contents

Unified Agent - Scan Flow

This article describes all of the steps completed by the Unified Agent during a scan.

 

Unified Agent Scan Flow:

  • Read Configuration Step - After the scan is triggered the Unified Agent reads the configuration. The configuration priority is as follows:

    1. Command line

    2. Environment variables

    3. Configuration file specified under "-c" parameter in the command line

    4. Offline determined by offline=true in the configuration file

  • Resolver Detection Step - the Unified Agent runs the Package Manager Dependency resolvers. During this step it searches for the manifest files, like pom.xml, package.json, build.gradle, requirements.txt, packages.config, go.mod and others. It then uses the relevant Package Manager commands to pull the list of the dependencies

For a Java project where mvn.resolveDependencies=true and mvn.runPreStep=true, the Unified Agent will look for pom.xml and if found will execute 'mvn install' command to get the dependency tree

  • Effective Usage Analysis Step - If Effective Usage Analysis is enabled, then the dependencies resolved in step 2 will be sent through the Effective Usage Analysis to help identify effective and ineffective vulnerabilities

  • File System Scan Step (also known as a Flat Scan) - The Unified Agent scans the file system according to the provided includes/excludes parameter values in the configuration file (binary and source files). The scan file system is defined under "-d" parameter in the command line

If includes=**/*.js in the configuration file and "-d C:\Project1\" is added as a command line parameter, then the Unified Agent scans the entire directory under "C:\Project1\" looking for .js files and includes them into the update request file

  • Update Mend Inventory Step - The Unified Agent sends the update request to Mend servers, where Policies are checked, Source Files are mapped to the Source File Libraries and the inventory is updated

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.