Skip to content

Inventory

Enclave automatically inventories assets that are connected to the EMC. By default, all nodes are inventoried if asset management is enabled. Optionally user devices can be inventoried as well.

inventory example

Data collected

The agent collects a number of different data points from a host. The following is a list of the data points that are collected:

  • board_model
  • board_serial
  • board_vendor
  • board_version
  • certificates.common_name
  • certificates.subject
  • certificates.issuer
  • certificates.ca
  • certificates.self_signed
  • certificates.not_valid_before
  • certificates.not_valid_after
  • certificates.signing_algorithm
  • certificates.key_algorithm
  • certificates.key_strength
  • certificates.key_usage
  • certificates.subject_key_id
  • certificates.authority_key_id
  • certificates.sha1
  • computer_name
  • cpu_brand
  • cpu_brand
  • cpu_logical_cores
  • cpu_microcode
  • cpu_physical_cores
  • cpu_subtype
  • cpu_type
  • disk_space.gigs_disk_space_available
  • disk_space.percent_disk_space_available
  • firewall_rules.direction
  • firewall_rules.dst_ip
  • firewall_rules.dst_port
  • firewall_rules.enabled
  • firewall_rules.protocol
  • firewall_rules.src_ip
  • firewall_rules.src_port
  • hardware_model
  • hardware_serial
  • hardware_vendor
  • hardware_version
  • hostname
  • kernel_version
  • kernel_sub_version (debian only)
  • listeners.address
  • listeners.cmdline
  • listeners.name
  • listeners.path
  • listeners.pid
  • listeners.port
  • listeners.protocol
  • local_hostname
  • os_arch
  • os_name
  • os_platform
  • os_platform_like
  • os_version
  • patches.hotfix_id (Windows only)
  • patches.installed_on (Windows only)
  • patches.description (Windows only)
  • patches.title (Windows only)
  • patches.date (Windows only)
  • physical_memory
  • primary_ip
  • primary_mac
  • public_ip
  • software.arch
  • software.name
  • software.repo
  • software.source
  • software.type
  • software.vendor
  • software.version
  • users.groupname
  • users.shell
  • users.type
  • users.uid
  • users.username
  • uuid

Ephemeral assets

Optionally, you can mark an agent as ephemeral. This means that the inventory data for a particular agent will be deleted after a certain period of time. This is useful for devices that are constantly changing, such as containers or virtual machines. You can set the retention period for ephemeral assets in the Enclave management console (default is 30 days).