The agent and connection manager configuration file allows for some customization for your deployment.

Overview

There are many configuration options for the agent and connection manager. Below is a non-exhaustive list of the most commonly used settings. If you have any further questions about a setting, please contact UpGuard Support

Configuration File Location

On Windows, the agent or connection manager configuration file is in C:\Program Files\UpGuard\.upguard\upguard.yml

On Linux, the agent configuration file is in /etc/scriptrock/scriptrock.yml

Configuration Settings

Test Timeout

Key: test_timeout

Value: Timeout for each test run on a node, in seconds

Default: 45


By default, this timeout is 30 seconds. For a large number of files, or a Windows node, this may need to be increased. If you need to increase this value, start with 300 to change the timeout to 5 minutes. Beyond this, contact UpGuard Support

Increase this value if:

  • You receive timeout errors in the results of a node scan

REST Timeout

Key (Windows): rest_http_timeout

Key (Linux): http_timeout

Value: Timeout when contacting the UpGuard API (on the appliance), in seconds

Default: 30


When an agent or connection manager contacts the UpGuard API to retrieve jobs (for example, a job to scan a node), it does this through a REST API request. For slower connections, this timeout can be increased so the scan process completes successfully.

Increase this value if:

  • You are having scan failures where the scan completes, but it cannot upload the scan to the UpGuard appliance

Ignore SSL Certificate

Key: ignore_ssl_cert_check

Value: true or false

Default: false


For insecure connections to the UpGuard appliance, set this value to true. It is advised to only use this temporarily, and work with UpGuard Support to install a valid certificate on the appliance.

Ignore Node SSL Certificate

Key: ignore_node_ssl_cert_check

Value: true or false

Default: false


For a node that defaults to an SSL connection (such as a VMWare node), set this value to true if you do not use certificates in your connection to the node.

For example, most customers do not setup valid certificates for their internal VMWare server. If you would like to scan a VMWare server as a node in UpGuard that does not have a valid certificate, set this value to true.

Poll Interval

Key: poll_interval

Value: Interval between check-ins to the appliance, in seconds

Default: 5


This value determines the time between check-ins with the UpGuard appliance to find if there is any jobs for this agent/connection manager.

Proxy

Key: proxy

Value: YAML block with the proxy settings

Default: None


If your connection from the connection manager or agent to the appliance goes through a proxy, you can define that in the configuration using the following block:

proxy:
  host: my.proxy.hostname
  port: 1234
  username: proxyuser
  password: proxypass

File Scan Limit

Key (Windows): max_number_files

Key (Linux): max_scan_files

Value: Number of files that can be scanned on a node

Default: 1500


Maximum number of files to be scanned on a node. If you need a value over 5,000, please contact UpGuard Support to discuss its effect on your appliance.

File Size Limit

Key: max_content_check_file_size

Value: Maximum file size when scanning file contents, in KB

Default: 100


When scanning the contents of a file, this is the maximum file size that will be scanned. A file over this limit will result in a message in the scan results.

Registry Scan Limit

Key: max_number_registry

Value: Number of registry keys to scan

Default: 1500


For Windows nodes, this is the limit of the number of registry keys that will be returned in a scan.

Alternate Hostname

Key: alternate_hostname

Value: String of the hostname to report to the UpGuard appliance

Default: None


Introduced in 4.8.29

Set this value to override the hostname reported to the UpGuard appliance for the agent or connection manager.

Tags: agent