Skip to main content
Version: 4.2

Configuring Inventory Processor

Settings Description

Inventory Processor is the executable module file responsible for populating the asset database. The standard executable file name is: moduleInventory-<version>.

Configuration File

To run Inventory Processor, a configuration file named config.yml must be present in the module folder. It contains the following parameters:

ParameterDescriptionRequired
opensearchList of OpenSearch cluster servers.Yes
usernameUsername for connection.Yes
passwordPassword for connection.Yes
certCA certificate for authentication verification.Yes
join_events_with_null_valueSkip empty keys during the aggregation stage.No
include_assetsList of asset configurations requiring processing. If not specified, all configurations will be processed.No

Example config.yml content:

opensearch: ['https://172.16.0.60:9200']
username: 'admin'
password: 'pass'
cert: 'root-ca.pem'
join_events_with_null_value: false
include_assets:
  - asset_name: 'Hosts'
    search_fields: ['hostname']
  - asset_name: 'Users'
    search_fields: ['username']
danger

If you need to hide the password from the Inventory configuration file, the username and password parameters can be omitted from the configuration file and specified via environment variables instead: SM_INV_USERNAME and SM_INV_PASSWORD.

Environment variable values override parameters set in the configuration file. To pass environment variables to a cron job, define them in the /home/opensearch/.profile file and run the cron job via bash. Access to the /home/opensearch/.profile file should be strictly limited, allowing only the root user and the user running the service to read it.

Example crontab for the opensearch user:

* * * * * bash -l -c "cd /app/inventory; ./moduleInventory"

Example /home/opensearch/.profile:

export SM_INV_USERNAME=admin
export SM_INV_PASSWORD=VeryStrongPassword

Launch Parameters

The Inventory Processor executable supports the following launch parameters:

  • -v - display version
  • -log - duplicate log output to console (optional)
  • -with-index - fast search for partial similarity candidates (optional)
  • -bulk-changes - send asset changes via bulk request (optional)
Example of version output
./moduleInventory -v
Launch example
./moduleInventory -log -with-index -bulk-changes
Launch example in the cron task
./moduleInventory -with-index -bulk-changes
Example running without partial similarity search optimizations
./moduleInventory

Setup Process

To configure Inventory Processor, open a terminal as the root user to execute commands. In the terminal, perform the following steps:

  1. Create a working directory. For example, the directory /app/inventory/.
mkdir /app/inventory
  1. Copy the Inventory Processor executable moduleInventory to the working directory
  2. Change the group and owner of the working directory and its contents to the group and user that will run Inventory Processor, e.g., opensearch
chown -R opensearch:opensearch /app/inventory/moduleInventory
  1. УSet execute permissions for the moduleInventory file.
chmod +x /app/inventory/moduleInventory
  1. In the Inventory Processor working directory, create the config.yml file and fill it out according to the Configuration File section
  2. To periodically update the asset database, configure a cron job