Discovery Glossary

  • Command sets: An SSH script that runs on Unix machines and produces a specific set of output to be consumed in a discovery source flow.
  • Discovery scan template: A scan template simply defines an object and what properties the object contains. For example, a computer account has a name, machine, and domain. Think of a scan template as an interface that describes an object.
  • Discovery scanner: A scanner defines how to take input information and run code to produce collection outputs. Scanners can be out-of-the-box code that runs natively in the system or completely custom scripts that can do anything.
  • Discovery scripts: In the scripting section, you can define a script for a discovery scanner. While scripts are not specific to discovery, they are an important piece to help use the power of extensible discovery.
  • Discovery source flow: A collection of scanners that work in a common pipe-and-filter architecture, where each scanner takes a certain type of item as input and outputs a different type of item. For example, one scanner takes a host IP range as input and outputs multiple computers, which can then be consumed by another scanner that takes computer information as input and outputs computer accounts.
  • Discovery source: A discovery source defines how items are discovered. One discovery source may discover Active Directory items, and one may discover Unix machines. It is common to have multiple discovery sources. Each source defines credentials, scanners, and settings specific to your network.
  • Secret search filters: Certain scanners and import rules can leverage a filter that uses the name of the machine to find or use an associated Secret. For example, you may name the local account on each machine using a pattern that includes the machine name. A secret search filter uses the name of the current machine in the pattern to find the matching secret.