Hello,
We have below use case from our SAM stakeholders which I think can be delivered through File based discovery.
1. Discovery of installed software that cannot be discovered by agent with SAM policies
2. Detection of file paths for installed software, which assist in building package for removal of installed software if it's not authorized software by organization.
3. Determining residual files of an uninstalled software. This is to avoid traces of any unauthorized software once it was removed from user machine.
4. Detecting cracked software & keygens
To deliver above use cases, we have configured FBD to scan entire C & D drive on end user laptop & desktops for file types like, .jar, .amd64, .bin, .exe, .zip, & .dll. However, this has resulted in exponential rise in cmdb_file_information table.
As a lesson learnt, we removed .dll from scan & excluded C:\windows & temp folders from scan.
Now the reason I am reaching out to understand is, How to get maximum installed software from user machine with limited File scan. So we do not unnecessarily overload cmdb_file_information table, which affects the performance of our ServiceNow platform.
Note:
File scan extension scan expected byour SAM stakeholders for above mentioned use cases. This is more than what we have currently configured.
.jar, .amd64, .dll, .bin, .msi, .app, .sh, .lic, .swidtag, .exe, .zip
