Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Configuration Management System (CMS)2018.08

Use > Data Flow Management > Universal Discovery > Inventory Discovery > Inventory Discovery User Interface > Scanner Options Page

Scanner Options Page

This page is used to configure the behavior of the scanner during the usual scanning process and under exception conditions, and how to save the inventory results.

Important information

General information about the wizard is available in Scanner Generator Wizard.

Wizard map

The Scanner Generator Wizard contains:

Scenario Page > Standard Configuration Page > Collection Page > Hardware Data Page > Software Data Page > Software Details Page > Asset Data Page > Scanner Options Page > Scanners to Generate Page > Generating Scanners Page

Saving Tab

Enables you to set options for saving the inventory scan results.

Note For Enterprise Mode some of the options are pre-set to optimal values and cannot be changed.

User interface elements are described below:

UI Element	Description
Save result locally	Saves the scan file to the local machine. By default, the local scan file is called local$.xsf. This default name can be changed by using the -l scanner command line option. The Windows scanner uses the Micro Focus\Universal-Discovery subdirectory of the application data directory for all users. Enable delta scan files. Enables delta file scanning, where the scanners first save the complete scan files offsite by copying the local scan files. Instead of sending a full scan file to a server after every scan, the scanners calculate the difference (the delta) between the last full scan and the current one - and transfer just this data. This can dramatically reduce the amount of network bandwidth used when using Universal Discovery. By default, delta scanning is enabled. The XML Enricher re-assembles the full scan files based on the previous scan and the delta scan. No other Universal Discovery component uses the delta scan file. The re-assembled scan can however, be used in the Viewer and Analysis Workbench inventory tools. Note To set up the scanner to handle delta scan files in Manual Deployment mode, see How to Set up the Scanner to Handle Delta Scan Files in Manual Deployment Mode. Note In Enterprise mode results are always saved locally—this setting cannot be changed.
Save result to network (off-site)	Saves the scan file to a remote (offsite) disk (such as floppy disk or network drive). Click Advanced to specify the file path or URL: File. Saves the results to the specified file path. In the File Path/URL field, specify the path as follows: Normal file path. The full path name, beginning with the drive letter. For example: c:\Inventory\Scans. UNC file path. The UNC path. Use the following format: \\servername\sharename\path\ For example: \\DataFlowProbe\ScansIncoming Note The specified UNC path must have write access. Do not specify a file name here. The offsite save location can be overridden by using the -p: or /p: command line option. For example: Scanwin32-x86 -p:C:\Scanners\ A UNC path can also be entered as the argument to this option. The format for the UNC path is: \\servername\sharename\path\ For example: Scanwin32-x86 –p:\\DataFlowProbe\ScansIncoming In Windows, if the UNC name specified is visible to the machine, the scan file will be saved to the specified location, even if it is not mapped to a drive letter. On UNIX and macOS machines, the UNIX/macOS save path is used instead, allowing UNIX-style syntax for specifying directories to be used. On UNIX/macOS, do not use drive letters, and the save path must instead start with ‘/’ (root) and point to a directory writable by the scanner. FTP/FTPS. The scanner saves the scan file to the FTP or FTPS server specified in the File Path/URL field. If necessary, provide the username and password to access the specified path. When an FTP location is specified with the -p scanner command line option, the user name and password can be encoded into the URL as follows: ftp://user:password@host:port/dir For detailed information, see the description of -p:<path> in Scanner Command Line Parameters Overview. HTTP/HTTPS. The scanner saves the scan file to a Web server specified in the File Path/URL field, if it has been configured to allow writing to a particular directory. If necessary, provide the username and password to access the specified path. Ensure that the web server has been configured to allow saving to it using HTTP. For details, see Web Server Configuration for Saving Scan Files via HTTP. By default both the Incoming and Original directories of the XML Enricher are shared via HTTP. This can be changed to HTTPS by adjusting the Data Flow Probe configuration. See Processing Scan Files. Note (For Manual Deployment Mode only) If you select Save result to network (off-site) and use FTP/FTPS or HTTP/HTTPS for the generated scanner in the Windows platform, make sure that the following DLL files from the Universal Discovery agent installation folder (for example, C:\Program Files\Micro Focus\Discovery Agent\bin32) are copied to the same folder where the generated scanner locates: For x64: libeay64-disc-v09.dll ssleay64-disc-v09.dll For x86: libeay32-disc-v09.dll ssleay32-disc-v09.dll
Always create log file	The log file stores progress messages for scanner hardware detection, indicates what directory data is scanned, how long the software scanning took, and contains the status of the scan file saving. A log file is always created if this option is selected. If this option is not selected, a log file is only created if an error is encountered. Depending on the saving options chosen, the log file is saved to the following locations: The same location as the local scan file. The same location as the off-site scan file (if an off-site location has been specified). In the scan file itself (as a stored file). The name given to the log file is the same as the name of the scan file. For example, if the scan file is called: XSF014.xsf, then the log file generated will be called: XSF014.log.

UI Element

Description

Save result locally

Saves the scan file to the local machine.

By default, the local scan file is called local$.xsf. This default name can be changed by using the -l scanner command line option.

The Windows scanner uses the Micro Focus\Universal-Discovery subdirectory of the application data directory for all users.

Enable delta scan files. Enables delta file scanning, where the scanners first save the complete scan files offsite by copying the local scan files.

Instead of sending a full scan file to a server after every scan, the scanners calculate the difference (the delta) between the last full scan and the current one - and transfer just this data. This can dramatically reduce the amount of network bandwidth used when using Universal Discovery. By default, delta scanning is enabled.

The XML Enricher re-assembles the full scan files based on the previous scan and the delta scan. No other Universal Discovery component uses the delta scan file. The re-assembled scan can however, be used in the Viewer and Analysis Workbench inventory tools.

Note To set up the scanner to handle delta scan files in Manual Deployment mode, see How to Set up the Scanner to Handle Delta Scan Files in Manual Deployment Mode.

Note In Enterprise mode results are always saved locally—this setting cannot be changed.

Save result to network (off-site)

Saves the scan file to a remote (offsite) disk (such as floppy disk or network drive).

Click Advanced to specify the file path or URL:

File. Saves the results to the specified file path. In the File Path/URL field, specify the path as follows:
- Normal file path. The full path name, beginning with the drive letter.
  
  For example: c:\Inventory\Scans.
- UNC file path. The UNC path.
  
  Use the following format: \\servername\sharename\path\
  
  For example: \\DataFlowProbe\ScansIncoming
  Note
  - The specified UNC path must have write access. Do not specify a file name here.
  - The offsite save location can be overridden by using the -p: or /p: command line option. For example: Scanwin32-x86 -p:C:\Scanners\
  - A UNC path can also be entered as the argument to this option. The format for the UNC path is: \\servername\sharename\path\
    
    For example: Scanwin32-x86 –p:\\DataFlowProbe\ScansIncoming
  - In Windows, if the UNC name specified is visible to the machine, the scan file will be saved to the specified location, even if it is not mapped to a drive letter.
  - On UNIX and macOS machines, the UNIX/macOS save path is used instead, allowing UNIX-style syntax for specifying directories to be used. On UNIX/macOS, do not use drive letters, and the save path must instead start with ‘/’ (root) and point to a directory writable by the scanner.
FTP/FTPS. The scanner saves the scan file to the FTP or FTPS server specified in the File Path/URL field. If necessary, provide the username and password to access the specified path.

When an FTP location is specified with the -p scanner command line option, the user name and password can be encoded into the URL as follows:

ftp://user:password@host:port/dir

For detailed information, see the description of -p:<path> in Scanner Command Line Parameters Overview.
HTTP/HTTPS. The scanner saves the scan file to a Web server specified in the File Path/URL field, if it has been configured to allow writing to a particular directory. If necessary, provide the username and password to access the specified path.

Ensure that the web server has been configured to allow saving to it using HTTP. For details, see Web Server Configuration for Saving Scan Files via HTTP.

By default both the Incoming and Original directories of the XML Enricher are shared via HTTP. This can be changed to HTTPS by adjusting the Data Flow Probe configuration. See Processing Scan Files.
Note (For Manual Deployment Mode only) If you select Save result to network (off-site) and use FTP/FTPS or HTTP/HTTPS for the generated scanner in the Windows platform, make sure that the following DLL files from the Universal Discovery agent installation folder (for example, C:\Program Files\Micro Focus\Discovery Agent\bin32) are copied to the same folder where the generated scanner locates:
- For x64:
  - libeay64-disc-v09.dll
  - ssleay64-disc-v09.dll
- For x86:
  - libeay32-disc-v09.dll
  - ssleay32-disc-v09.dll

Always create log file

The log file stores progress messages for scanner hardware detection, indicates what directory data is scanned, how long the software scanning took, and contains the status of the scan file saving.

A log file is always created if this option is selected. If this option is not selected, a log file is only created if an error is encountered.

Depending on the saving options chosen, the log file is saved to the following locations:

The same location as the local scan file.
The same location as the off-site scan file (if an off-site location has been specified).
In the scan file itself (as a stored file).

The name given to the log file is the same as the name of the scan file. For example, if the scan file is called: XSF014.xsf, then the log file generated will be called: XSF014.log.

Settings Tab

Enables you to control the behavior of the scanner as it scans each computer, and how it interacts with users. By default, the scanner is made to run with the lowest priority, but goes to full speed when the screen saver is active.

User interface elements are described below:

UI Element	Description
Define how fast the scanner should run	When Run scanners at low priority is selected, the scanners can be set to run at slower than normal speed, so that they do not impact on the users' work. Use the slider control to specify how slow or how fast the scanner should run. On different target platforms, the Run scanners at low priority setting has different impacts: On UNIX and macOS, the scanner impacts CPU utilization by performing a renice of itself to run at a lower process priority. For example, if CPU is available when the scanner is set to run at Normal speed, the scanner will always utilize what it needs. If the scanner is set to run at Slow speed, on UNIX endpoints the NICE flag is specified for the process, which means that if there are other processes with higher priority than the scanner, they will utilize the CPU, but if there are no such processes active, then the scanner will utilize the CPU. On Windows, the scanner's process priority is not adjusted. Instead, the scanner proactively sleeps during the scanning process. The duration of the sleep is tied to the slider setting - the slower the setting is, the longer the sleep delay: For software scanning: the duration of the sleep is 100 milliseconds, but how often the scanner sleeps depends on the priority slider and the scanner settings. For example, if the scanner is collecting signatures, at the slowest setting it will sleep 100 milliseconds after opening/processing one file, while at the fastest setting it will sleep 100 milliseconds after opening/processing 9 files. For hardware scanning: the longest the scanner would sleep for is 1.5 seconds (between hardware tests) at the slowest setting. Note The software scanning logic is single-threaded, so the scanner will never use more than one logical CPU. As most modern servers have multiple logical CPUs available, on machines with two or more CPUs this would represent 50% or less usage overall. When Run scanners at low priority is not selected, the scanners on Windows platforms will not sleep and on UNIX/macOS platforms the scanners' process priority will not be changed when the scanning process is running. On Windows platforms, the CPU utilization consumed by the scanners depend on a number of factors - how fast the CPU is compared to the speed of the disk, the scanner configuration (for example, whether file signatures/identification is done or not), etc. If you select Increase scanning speed when the screen saver is running (Windows), the scanner increases its speed to normal as long as it detects that the screen saver is running. As soon as the screen saver disappears, the scanner runs slower again.
Define various time-outs used by the scanner	Retry off-site save after error. The scanner attempts to retry off-site scan file saving if an error occurs the specified number of times. Delay before retrying off-site save. The scanners wait for the specified amount of time (in hours, minutes and seconds) before retrying the off-site scan file saving, if an error previously occurred in this process. Maximum random delay before scan. (Windows scanner only.) The scanner waits for the specified amount of time (in hours, minutes and seconds) before doing anything on the machine. Default: 00:00:00 hh:mm:ss Maximum value: 23:59:59 hh:mm:ss If the scanner is launched via a login script, using this option allows the saving of scan files to be spread over a longer period to avoid overloading the network at busy periods. For example, in the morning, when all users come to work, power up their computers, and start the scanners at approximately the same time. Maximum software scan run time. Sets the maximum amount of time (in days, hours, minutes, and seconds) that the scanner runs. This setting is useful in protecting the scanner from scanning large volumes which were inadvertently included into the software scanning scope. If the scanner reaches the configured maximum time, it saves the scan files with the partial software details recorded right to that moment, and exists with the exit code 7. Default: 00:00:00:00 dd:hh:mm:ss (No limit applies.) Software scan cut-off time. Sets the local time of the day on the managed computer (using the 24-hour clock) when the software scan has to stop. This setting is useful as a safety feature in cases when there are certain periods of the day during which the scanning must not be performed. When the cut-off time is reached, the scanner saves the scan file containing the partial software inventory, and exits with the exit code 7. Note This option must be used with great care to avoid incomplete results being saved regularly. The inventory has to be scheduled early on during the day to allow the scanner to complete the full software inventory. Default: 00:00:00 hh:mm:ss, meaning the scan is not stopped. If, for example, you want to stop the scan before midnight, enter 23:59:59.
Define other settings that control the scanner behavior	Leave at least this amount of space in the Temp directory. Enables you to set the amount of the disk space (in MB) the scanner must reserve to be available in the Temp directory before failing. During software scanning the scanner stores the partial software scan result in the temp directory. If the amount of disk space available in the Temp directory is too low, normally the scanner uses all the available space and when none is left, it fails. However, during the time when no Temp space is available, other processes running on the system may start failing as well. This setting ensures that at least the specified amount of space is left reserved for other processes to continue their normal operation. For example, if 5 MB is specified, the scanner uses the space in the Temp directory until there is 5 MB of free disk space left, and when this limit is reached, the scanner fails. Note This number must be an integer. Default: 0, meaning no limitation.

UI Element

Description

Define how fast the scanner should run

When Run scanners at low priority is selected, the scanners can be set to run at slower than normal speed, so that they do not impact on the users' work.

Use the slider control to specify how slow or how fast the scanner should run.

On different target platforms, the Run scanners at low priority setting has different impacts:

On UNIX and macOS, the scanner impacts CPU utilization by performing a renice of itself to run at a lower process priority. For example, if CPU is available when the scanner is set to run at Normal speed, the scanner will always utilize what it needs. If the scanner is set to run at Slow speed, on UNIX endpoints the NICE flag is specified for the process, which means that if there are other processes with higher priority than the scanner, they will utilize the CPU, but if there are no such processes active, then the scanner will utilize the CPU.
On Windows, the scanner's process priority is not adjusted. Instead, the scanner proactively sleeps during the scanning process. The duration of the sleep is tied to the slider setting - the slower the setting is, the longer the sleep delay:
- For software scanning: the duration of the sleep is 100 milliseconds, but how often the scanner sleeps depends on the priority slider and the scanner settings. For example, if the scanner is collecting signatures, at the slowest setting it will sleep 100 milliseconds after opening/processing one file, while at the fastest setting it will sleep 100 milliseconds after opening/processing 9 files.
- For hardware scanning: the longest the scanner would sleep for is 1.5 seconds (between hardware tests) at the slowest setting.
Note The software scanning logic is single-threaded, so the scanner will never use more than one logical CPU. As most modern servers have multiple logical CPUs available, on machines with two or more CPUs this would represent 50% or less usage overall.

When Run scanners at low priority is not selected, the scanners on Windows platforms will not sleep and on UNIX/macOS platforms the scanners' process priority will not be changed when the scanning process is running. On Windows platforms, the CPU utilization consumed by the scanners depend on a number of factors - how fast the CPU is compared to the speed of the disk, the scanner configuration (for example, whether file signatures/identification is done or not), etc.

If you select Increase scanning speed when the screen saver is running (Windows), the scanner increases its speed to normal as long as it detects that the screen saver is running. As soon as the screen saver disappears, the scanner runs slower again.

Define various time-outs used by the scanner

Retry off-site save after error. The scanner attempts to retry off-site scan file saving if an error occurs the specified number of times.
Delay before retrying off-site save. The scanners wait for the specified amount of time (in hours, minutes and seconds) before retrying the off-site scan file saving, if an error previously occurred in this process.
Maximum random delay before scan. (Windows scanner only.) The scanner waits for the specified amount of time (in hours, minutes and seconds) before doing anything on the machine.

Default: 00:00:00 hh:mm:ss

Maximum value: 23:59:59 hh:mm:ss

If the scanner is launched via a login script, using this option allows the saving of scan files to be spread over a longer period to avoid overloading the network at busy periods. For example, in the morning, when all users come to work, power up their computers, and start the scanners at approximately the same time.
Maximum software scan run time. Sets the maximum amount of time (in days, hours, minutes, and seconds) that the scanner runs. This setting is useful in protecting the scanner from scanning large volumes which were inadvertently included into the software scanning scope. If the scanner reaches the configured maximum time, it saves the scan files with the partial software details recorded right to that moment, and exists with the exit code 7.

Default: 00:00:00:00 dd:hh:mm:ss (No limit applies.)
Software scan cut-off time. Sets the local time of the day on the managed computer (using the 24-hour clock) when the software scan has to stop. This setting is useful as a safety feature in cases when there are certain periods of the day during which the scanning must not be performed. When the cut-off time is reached, the scanner saves the scan file containing the partial software inventory, and exits with the exit code 7.

Note This option must be used with great care to avoid incomplete results being saved regularly. The inventory has to be scheduled early on during the day to allow the scanner to complete the full software inventory.

Default: 00:00:00 hh:mm:ss, meaning the scan is not stopped. If, for example, you want to stop the scan before midnight, enter 23:59:59.

Define other settings that control the scanner behavior

Leave at least this amount of space in the Temp directory. Enables you to set the amount of the disk space (in MB) the scanner must reserve to be available in the Temp directory before failing.

During software scanning the scanner stores the partial software scan result in the temp directory. If the amount of disk space available in the Temp directory is too low, normally the scanner uses all the available space and when none is left, it fails. However, during the time when no Temp space is available, other processes running on the system may start failing as well. This setting ensures that at least the specified amount of space is left reserved for other processes to continue their normal operation.

For example, if 5 MB is specified, the scanner uses the space in the Temp directory until there is 5 MB of free disk space left, and when this limit is reached, the scanner fails.

Note This number must be an integer.

Default: 0, meaning no limitation.

Miscellaneous Tab

User interface elements are described below:

UI Element	Description
Terminate the scanner if the following environments are detected	When the scanner is run inside a virtual environment, you may not want a full software scan to take place because this would scan the server for every virtual machine. When the scanner detects the selected virtual environment, the scanner exits without doing any processing with a special error level 20, allowing a script that launches the scanner to handle this situation and launch another scanner tailored for the virtual environment, if required.
Impersonate currently logged in user (Windows)	Defines whether to impersonate the currently logged in user. When this option is cleared, the scanner will run under the Windows LocalSystem account and will not try to impersonate any logged in user. The scanner then assumes that the LocalSystem account has the necessary privileges to capture all the software on that system. By default, this option is selected.
Select the action to perform when no user is logged into the computer (Windows)	Defines the action to take if there is no user logged into the computer (Windows scanner only). Scan immediately. Forces the scanner to run under the LocalSystem account. It will not be able to collect the environment information for a particular user. The environment settings for the LocalSystem account will be detected. Also any program running under the LocalSystem account does not have access to network resources, so the scanner will not be able to access any files or directories on the network. Wait until someone logs in. Instructs the scanner to wait until an interactive user logs into the system. When this is detected, the scanner impersonates this user and executes using this user’s account. This allows the scanner to collect environment information for the user. Note This setting is not suitable for standalone servers where interactive users rarely log in. Exit the scanner. The scanner simply exits without scanning the computer. Note Enterprise mode: The Windows scanner is launched via the Universal Discovery agent or by agentless NTCMD protocol. The agent itself, or the NTCMD protocol component, runs as a Windows service under the LocalSystem account. However, the scanner always tries to impersonate the account of the currently logged in user in order to collect the required network, environment, and other configuration information for the user. This setting specifies the scanner behavior when no user is logged in at the time the scan is scheduled. Manual Deployment mode: The scanner runs under the account of the currently logged in user, so normally these settings do not apply. They might only take effect when the scanner is launched by a software distribution tool that can run it under the LocalSystem account. In this case, the above logic for Enterprise mode applies.
TCP/IP connectivity options	Enable the use of the pfiles command. Enables the use of the pfiles command on the Solaris and HP-UX platforms. Default: No.

Troubleshooting Tab

Enables you to set up additional troubleshooting options for the scanners.

User interface elements are described below:

UI Element Description

UI Element	Description
Additional command line parameters to supply to the scanners	You can specify additional content for the override files here. Although the options for the scanner are normally set using the Scanner Generator, it may be necessary to change some settings to allow better operation on some machines. The operation of a scanner can be modified with the use of the various command line parameters. Additional file scanning configuration specified in the override.ini (Windows) file and the .override.ini file (UNIX/macOS) can be entered in this field. The content specified here is processed by the scanner before processing the content of the override file (if available on the system where the scanner runs).
Additional content for .override.ini file	You can override the settings of the file systems, directories, and files during the software scanning process by specifying additional settings in the override file. As indicated, on Windows systems, the name of this file is override.ini. On UNIX and macOS systems, the name of this file is .override.ini. The override file must be located in the same directory as the scanner executable. File Systems Because it is always possible, particularly on UNIX and macOS systems, that some file systems are not in the list, you can create a file where you can specify any additional names of file systems that you want to include or exclude during scanning. You can also specify names of existing file systems in case you want to change the inclusion/exclusion of such file systems after the scanner has been generated. The format of the file is as follows: [include] fs=<name of a file system> [exclude] fs=<name of a file system> There can be several fs entries in each section. For example, to ensure that all afs mount points are scanned, and that nfs and swap volumes are not, create the override file with the following contents and place it in the same directory as the scanner prior to running: [include] fs=afs [exclude] fs=nfs fs=swapfs Note The name of the file, the sections and the files systems are case-sensitive For the feature to work correctly, the override file must be present in the directory in which the scanner resides. Directories and Files The override file can also be used to exclude specific directories or files from being scanned without regenerating the scanner. Note Files can only be excluded; they cannot be included. To make use of this file, add one or more dir = <name> or file = <name> entries to the `[exclude]` section of the override file. Excluded directory names must be fully qualified. Excluded file names can contain wild cards. Note When excluding files using the override file, the scanner may still store information about the excluded files in the scan file. Adding file entries to the override file ensures that the file will not be opened for any reason, so no file identification, signatures, or archive processing will happen for excluded files. Example 1 Exclude a specific file system, two directories and all files with exe extension. [exclude] fs=autofs dir=/temp dir=/etc file=.exe Example 2* This runs a scan without software on a Windows machine. [exclude] fs=FAT fs=NTFS Example 3 Virus Warning Since the scanner opens files on the computer, if real-time antivirus software is in operation, it may detect a virus being present in a file. Depending on the virus product being used, actions will have been defined to deal with an encountered virus. Some will try to deal with the problem and immediately disinfect the file. Others will try to move the infected file to a quarantine directory and rename its file extension. In this case, the quarantine directory may be scanned by the scanner later during its scan. To prevent this from happening, use the override file with `*.vir` specified for exclusion (where `.vir` is a typical quarantine file extension). Check the specific virus product to find the extension for this type of file.

Additional command line parameters to supply to the scanners

You can specify additional content for the override files here. Although the options for the scanner are normally set using the Scanner Generator, it may be necessary to change some settings to allow better operation on some machines. The operation of a scanner can be modified with the use of the various command line parameters.

Additional file scanning configuration specified in the override.ini (Windows) file and the .override.ini file (UNIX/macOS) can be entered in this field. The content specified here is processed by the scanner before processing the content of the override file (if available on the system where the scanner runs).

Additional content for .override.ini file

You can override the settings of the file systems, directories, and files during the software scanning process by specifying additional settings in the override file. As indicated, on Windows systems, the name of this file is override.ini. On UNIX and macOS systems, the name of this file is .override.ini. The override file must be located in the same directory as the scanner executable.

File Systems

Because it is always possible, particularly on UNIX and macOS systems, that some file systems are not in the list, you can create a file where you can specify any additional names of file systems that you want to include or exclude during scanning.

You can also specify names of existing file systems in case you want to change the inclusion/exclusion of such file systems after the scanner has been generated.

The format of the file is as follows:
```
[include]
fs=<name of a file system>
[exclude]
fs=<name of a file system>
```
There can be several fs entries in each section.

For example, to ensure that all afs mount points are scanned, and that nfs and swap volumes are not, create the override file with the following contents and place it in the same directory as the scanner prior to running:
```
[include]
fs=afs
[exclude]
fs=nfs
fs=swapfs
```
Note
- The name of the file, the sections and the files systems are case-sensitive
- For the feature to work correctly, the override file must be present in the directory in which the scanner resides.
Directories and Files

The override file can also be used to exclude specific directories or files from being scanned without regenerating the scanner.

Note Files can only be excluded; they cannot be included.

To make use of this file, add one or more
```
dir = <name>
```
or
```
file = <name>
```
entries to the [exclude] section of the override file. Excluded directory names must be fully qualified. Excluded file names can contain wild cards.

Note When excluding files using the override file, the scanner may still store information about the excluded files in the scan file. Adding file entries to the override file ensures that the file will not be opened for any reason, so no file identification, signatures, or archive processing will happen for excluded files.
- Example 1
  
  Exclude a specific file system, two directories and all files with exe extension.
```
[exclude]
fs=autofs
dir=/temp
dir=/etc
file=*.exe
```
- Example 2
  
  This runs a scan without software on a Windows machine.
```
[exclude]
fs=FAT
fs=NTFS
```
- Example 3 Virus Warning
  
  Since the scanner opens files on the computer, if real-time antivirus software is in operation, it may detect a virus being present in a file.
  
  Depending on the virus product being used, actions will have been defined to deal with an encountered virus. Some will try to deal with the problem and immediately disinfect the file. Others will try to move the infected file to a quarantine directory and rename its file extension. In this case, the quarantine directory may be scanned by the scanner later during its scan.
  
  To prevent this from happening, use the override file with *.vir specified for exclusion (where .vir is a typical quarantine file extension). Check the specific virus product to find the extension for this type of file.

Send Help Center feedback