Managed Devices

You can discover keys by creating and running scans on your configured devices. The Discovery scans these devices for SSH keys configured on your server. You can map the discovered keys to the selected key compliance groups and manage/monitor them.

To discover keys using managed devices option:

  1. Go to (Menu) icon > SSH+ > Discovery > Managed Devices.
    The Managed Devices > Discover page is displayed.
  2. Enter the following details:
    Table 1. Field description for Discover Managed Devices section
    Field Description
    Discover By
    *Select Select one of the options:
    • Instant: To discover the keys immediately. By default, Instant option is selected.
    • Scheduled: To schedule the discovery of keys on a specific date and time.
    Scheduler (This section appears only if you have selected the Discovery option as Scheduled)
    *Schedule Name Enter a unique name. This helps you identify it easily.
    Description Enter details pertaining to the scheduling discovery purpose.
    *Starts On Under the Starts On, set the time to start the run. You can customize the date, month, year, and time by clicking the Calendar icon.
    *Repeat Every Schedule discovery can be set to repeat discovery after every 5 minutes or can be customized per your requirement.
    *End Date Select one of the options to end the scheduled discovery:
    • Never: To keep the scheduled discovery going.
    • On: To select the end date when the scheduled discovery has to stop.
    • After: To stop the scheduled discovery after a certain number of occurrences.
    Discover SSH Keys
    *Discovery Name This field appears only on selecting the Instant discovery option. Enter a unique name. This helps you identify it easily.
    Description This field appears only on selecting the Instant discovery option. Enter details pertaining to the discovery stating the purpose.

    A list of added and managed devices is displayed. Only devices with status as Managed and those that have RW permission are displayed in the list.

    From the list of managed device(s), select the Managed Device(s). The selected device(s) is the source of discovery.

    To select all the managed devices, select Select all. All the managed devices are the source of discovery.

    To understand the functionality of Regex, see Using Regex Feature.

    *Discover By Select a discovery option, and then choose the corresponding host groups or individual hosts from the list. The options are:
    • Host Compliance Groups - Displays all available host compliance groups grouped under GROUPS > Host Compliance Group.
    • Managed Hosts - Lists all managed hosts individually.
    *Ip(S) Per Batch Select a value from the dropdown list. Based on this value, the subnet provided is split into multiple batches for the discovery process.
    *Inventory Action Select an action to perform on the discovered keys, The options are:
    • Do Not Move - Newly discovered keys will not be added to the inventory.
    • Manage - Newly discovered keys will not be added to the inventory with a managed status.
    • Monitor - Newly discovered keys will not be added to the inventory with a monitored status.
    Note: * - Mandatory fields.
  3. Click Add.
    The File Path table is populated with the operation.
  4. In Inventory Action, select one of the options:
    • Do Not Move: To avoid the movement of newly discovered keys in the inventory.
    • Manage: To allow the system to manage the newly discovered keys, which are moved to the inventory with Managed status.
    • Monitor: To allow the system to monitor the newly discovered keys, which are moved to the inventory with Monitored status.
  5. Click Discover.

    The discovery runs per the settings and the key scan instance is added to the discovery inventory with the Status as In Progress until the discovery is completed. The Status in the discovery inventory changes to Completed or Failed depending on the outcome of the scan.