Comprehensive Guide to Saner Agent Device Scanning and Data Processing

Modified on Mon, 13 Oct at 10:58 AM

Product Version: 6.5.0.0


Overview

This article provides a comprehensive breakdown of the Saner Agent’s scanning process, including detailed steps, executed commands, log updates, and upload procedures. Each phase is outlined to help users understand how the agent performs scans, processes data, and reports results to the server.


Sequence of Events During the Scan

1. Agent Activation Status

  • When a device is activated, the agent sends a response code to the Saner server.

  • Once the server acknowledges the response, the agent appears as Active in the Viser interface, ready for scanning and management operations.

  • Ensure that the agent version aligns with organizational policies or compliance requirements.


2. Compliance Scan

The compliance scan is initiated using the following predefined command:

"C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\bin\spscanmanager.exe" COMPLIANCE "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x" "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\updates"

  • After execution, the agent verifies the scan’s exit code to confirm successful completion.

  • Example log entry:

    Scan process exit code for 'COMPLIANCE' scan. Exit_code:The operation completed successfully
    


3. Vulnerability Scan

After completing the compliance scan, the agent automatically triggers a vulnerability scan using the command:

"C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\bin\spscanmanager.exe" VULNERABILITY "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x" "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\updates"

  • Once the scan is finished, logs are updated and can be viewed on the Viser device page.

  • This scan identifies vulnerabilities present in the device and reports them to the Saner server.


4. Response Code Update

After completing the scan, the agent sends a status update to the server to record the latest scan results.

Example log entry:

Updating status to server: ScanDone

  • This ensures that the latest scan data and compliance information are reflected in the console.

  • The spscanmanager file is updated with a timestamp confirming completion.


5. Detailed Scan Results

The agent executes the following command to collect detailed system scan results:

"C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\bin\spscanmanager.exe" "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x"

  • These results provide in-depth system configuration, compliance, and vulnerability information.

  • Example log entry:

    Scan process exit code for 'Detailed System' scan.
    Exit_code: The operation completed successfully.


6. Patch Scan

The patch scan identifies missing and installed patches using the following commands:


"C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\bin\spscanmanager.exe" "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x" "PatchServerCheck"

"C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\bin\spscanmanager.exe" "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x" "PatchCollection"


  • After successful execution, logs confirm patch collection and upload:

    installed and missing patch collection done ScanDone status. Successfully updated to server.


7. CRE Files Download

The agent downloads Configuration Data Template (CRE) files from the server using the command:

https://saner.secpod.com/AncorWebService/sanergetcrebundleforcveccelist?macaddress=  <<MAC ADDRESS of the device >> 

  • These files help the agent perform accurate vulnerability and patch assessments.

  • Example log entry:

    getAllCREs DONE!!
    All CRE files downloaded successfully.
    


8. Windows Update Agent (WUA) Checks

  • The agent performs Windows Update Agent checks to identify missing Windows updates.

  • Logs capture probe collection, system data retrieval, and patch status.


9. Patch Repository Collection

The agent collects patch repository details using the following command:

"C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x\bin\spscanmanager.exe" "C:\Program Files (x86)\SecPod Saner\Agent\6.5.x.x" "PatchServerCheck"

  • Logs confirm successful repository data collection and scan completion.


Conclusion

The Saner Agent follows a systematic and automated process for scanning devices, collecting compliance and vulnerability data, and identifying missing patches. Through consistent logging, status updates, and data uploads, administrators gain complete visibility into device health and patch posture. This streamlined process ensures continuous monitoring, compliance enforcement, and proactive remediation across the organization.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article