Support
Scans

Internal Agents in Invicti Enterprise

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

In some organizations, some websites will only be available in the local network (and not on the internet). You can use our Internal Agent feature to scan your internal websites while the results remain on our Invicti Enterprise servers.

You can install an internal agent in Windows, Linux, and Docker. For further information, see Installing Internal Agents.

The Internal Agents feature is available in both Invicti Enterprise (On-Demand) and On-Premises.

Manage Agents Fields

This table lists and explains the fields in the Agents window.

Field

Description

Name

This is the name of the agent.

State

This is whether the agent is online and waiting for a scan assignment.

  • Available
  • Launching
  • Waiting
  • Scanning
  • Terminated
  • NotAvailable

Launch Date

This is the date when the agent was first available.

Last Heartbeat

This is the last time the agent communicated with the web application.

Version

This is the version number of the scan agent.

Is Up To Date

This is whether the Agent is up-to-date.

Operating System

This is the operating system on which the Agent is installed.

Installed Framework

This is the .NET environment on which the Agent is running.

Operating System Architecture

This represents the operating system architecture on which the Agent is installed.

Target URL

This is the target URL of the website, including the path.

Process Architecture

This represents the process architecture on which the Agent is installed.

IP Address

This is the IPv4 version of the Agent.

How to configure an agent for a website
  1. Log in to Invicti Enterprise.
  2. From the main menu, select Websites > New Website.
  3. On the New Website page, complete the fields, as described in How to Add a Website in Invicti Enterprise.
  4. In the Agent Mode field, select an option.

  1. Select Save.
How to scan an internal website
  1. From the main menu, select Scans > New Scan.
  2. In the Target URL field, enter the URL of the internal website.

  1. From the Preferred Agent drop-down, select an internal agent to use it during the scan if there is more than one. Alternatively, you can retain the default setting (Any of the available agents), so that Invicti Enterprise will automatically select one of them.
  2. Complete the remaining fields, and select Launch.
How to View Commands for an Agent
  1. From the main menu, select Agents > Manage Agents.
  2. On the Agents' page, select the relevant agent.
  3. From the Commands drop-down, select View Agent Commands.

The Commands window is displayed.

Accessing Agent Logs

The Invicti Enterprise Scanning Agent stores the application logs in the Logs folder in the installation path.

With the latest version of the Agent, the last three days’ logs can be downloaded from the Manage Agents page. These logs are especially useful for troubleshooting.

How to Access Agent Logs

  1. From the main menu, select Agents Manage Agents.
  2. Next to the relevant Agent, select the Command drop-down, then Request Agent Logs.

  1. Once you confirm, the logs will be requested from the target agent and can be downloaded from the UI.

  1. Select the bell, then select the relevant notification.
  2. Select Download Logs. The download will start.

Filtering scanning agents

Column Filters

All columns can be filtered, using a highly customizable combination of Fields, Operators, and Values. Each is explained below.

Filters & Values

This table lists the filters and values available for the columns listed above. Select an option to filter the list by that criterion.

  • In many cases, values can be entered into the value field; in others, the value can be selected from a drop-down menu.
  • You can enter more than one filter at a time.

Field

Description

Value

Name

Select to filter notifications by their name.

Enter a value.

State

Select to filter by agent's state.

The drop-down options are:

  • (Not Set)
  • Agent is not available
  • Available
  • Disabled
  • Launching
  • Scanning
  • Terminated
  • Updating

Launch Date

Select to filter by agent's launch date.

Select a date from the calendar picker.

Last Heartbeat

Select to filter by agent's last heartbeat.

Select a date from the calendar picker.

Version

Select to filter by agent's version.

Enter a value.

VDB Version

Select to filter by vulnerability database version.

Enter a value.

Operating System

Select to filter by the operating system.

Enter a value.

Installed Framework

Select to filter by the installed framework.

Enter a value.

Operating System Architecture

Select to filter by the operating system architecture.

Enter a value.

Process Architecture

Select to filter by the process architecture.

Enter a value.

Target URL

Select to filter by the target URL.

Enter a value.

IP Address

Select to filter by IP Address.

Enter a value.

Operator

This table lists and explains the Operators available for filtering columns. They work in conjunction with the Field, Operator, and Value.

Operator

Description

Equal

This operator can be used for exact matching. For example, if filtered by the Target URL http://www.example.com/, the filtered list of results would not also list http://api.example.com.

Not Equal

This operator can be used to exclude some results based on exactly matching. For example, if filtered by the Target URL of http://www.example.com/, the filtered list of results would exclude scans for that one.

Contains

This operator can be used to include results if the filtered column contains the value. It does not matter where the value is. For example, you could filter for the word 'production'.

Not Contains

This operator can be used to exclude certain results on the Websites page.

Starts with

This operator can be used to filter for columns that begin with the value.

Ends with

This operator can be used to filter for columns that end with the value.

Less than

This operator can be used to filter columns that contain numeric and date-time values rather than string values. For example Initiate Time, Duration, or Finish Time.

Less than or equal

This operator can be used to filter columns that contain numeric and date-time values rather than string values. For example Initiate Time, Duration, or Finish Time.

Greater than or equal

This operator can be used to filter columns that contain numeric and date-time values rather than string values. For example Initiate Time, Duration, or Finish Time.

Greater than

This operator can be used to filter columns that contain numeric and date-time values rather than string values. For example Initiate Time, Duration, or Finish Time.

Value

This table lists the dropdown values available for filtering columns.

Value

Description

Agent is not available

This value can be used to filter down Agent according to its state. As the name implies, when selected only agents that are unavailable will be shown in the grid.

Available

This value can be used to filter down Agent according to its state. As the name implies, when selected only agents that are available will be shown in the grid.

Disabled

This value can be used to filter down Agent according to its state. As the name implies, when selected only agents that are disabled will be shown in the grid.

Launching

This value can be used to filter down Agent according to its state. As the name implies, when selected only agents that are launching will be shown in the grid.

Scanning

This value can be used to filter down Agent according to its state. As the name implies, when selected only agents that are scanning will be shown in the grid.

Terminated

This value can be used to filter down Agent according to its state. As the name implies, when selected only agents that are terminated will be shown in the grid.

Updating

This value can be used to filter down Agent according to its state. As the name implies, when selected only agents that are updating will be shown in the grid.

How to filter notifications in Invicti Enterprise
  1. From the main menu, select Notifications > Manage Notifications.
  2. From the Manage Notifications page, select the filter button ( ) next to any header column.
  3. Select Clear to clear all fields.
  4. Add a New Filter.
  5. In the relevant filter, where relevant:
    • From the Field drop-down, select Tag.
    • From the Operator drop-down, select an option.
    • In the Value field, enter a value.
  1. Select Apply.
Not found what you're looking for?

Open a ticket and our technical support team will assist you quickly.

Open a ticket This will redirect you to the ticketing system.