Configuration to Enable Priority-Based Offline Scanning in Privacera Discovery

Privacera Discovery provides the capability to prioritize offline scans of resources. This feature is especially useful when managing a large number of resources, as it allows you to define scanning priorities and ensure that critical resources are scanned first.

For an overview and detailed information, refer to the Priority based Offline Scan documentation.

Prerequisites

  • Discovery is installed and running. Refer to the Discovery installation steps.

Setup

To enable priority-based offline scanning in Privacera Discovery, follow these steps:

  1. SSH into the instance where Privacera Manager is installed.
  2. Navigate to the privacera-manager directory using the following command:
    Bash
    cd ~/privacera/privacera-manager
    
  3. Open the custom-vars file for your cloud provider:

    Bash
    vi config/custom-vars/vars.discovery.aws.yml

    Bash
    vi config/custom-vars/vars.discovery.azure.yml

    Bash
    vi config/custom-vars/vars.discovery.gcp.yml

    Add the following property to that file:

    Property Name: DISCOVERY_FASTTRACK_OFFLINE_SCAN_ENABLE
    Default Value: false
    Possible Values: true, false
    Description: When this setting is enabled, you get an option to set the scan priority of resources during an offline scan.

    Set the variable as follows:

    Bash
    # Priority based Offline Scan
    DISCOVERY_FASTTRACK_OFFLINE_SCAN_ENABLE: "true"

  4. Save the file and exit the editor.
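Steps 3 and 4 can also be done without an interactive editor. The script below is an added example, not part of Privacera's documentation or tooling: the helper names `set_var`, `get_var` and `priority_scan_enabled` are hypothetical, and the demo runs on a constructed temporary file standing in for the vars file. It writes the property exactly once, so a key that is already present (or present twice) does not end up duplicated, and then checks the result.

```bash
#!/usr/bin/env bash
# Added example (not Privacera tooling). set_var, get_var and
# priority_scan_enabled are hypothetical helper names.

# set_var FILE KEY VALUE
# Write exactly one top-level "KEY: VALUE" line: the first uncommented
# definition is replaced, later duplicates are dropped, and the line is
# appended when KEY is absent. Commented-out lines are left untouched.
set_var() {
    [ -f "$1" ] || touch "$1"
    tmp=$(mktemp) || return 1
    awk -v k="$2" -v v="$3" '
        $0 ~ ("^" k "[ \t]*:") { if (!done) print k ": " v; done = 1; next }
        { print }
        END { if (!done) print k ": " v }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# get_var FILE KEY: print the value of every uncommented definition of KEY.
get_var() {
    awk -v k="$2" '$0 ~ ("^" k "[ \t]*:") { sub(/^[^:]*:[ \t]*/, ""); print }' "$1"
}

# priority_scan_enabled FILE: succeed only if the flag is defined once and is true.
priority_scan_enabled() {
    vals=$(get_var "$1" DISCOVERY_FASTTRACK_OFFLINE_SCAN_ENABLE | tr -d "\"' ")
    [ "$vals" = "true" ]
}

# Demo on a constructed file standing in for
# config/custom-vars/vars.discovery.aws.yml (note the duplicated key).
demo=$(mktemp)
printf '%s\n' '# Priority based Offline Scan' \
    'DISCOVERY_FASTTRACK_OFFLINE_SCAN_ENABLE: "false"' \
    'DISCOVERY_FASTTRACK_OFFLINE_SCAN_ENABLE: "false"' > "$demo"
set_var "$demo" DISCOVERY_FASTTRACK_OFFLINE_SCAN_ENABLE '"true"'
priority_scan_enabled "$demo" && echo "priority-based offline scan enabled"
rm -f "$demo"
```

On a real installation, pass the path of your cloud provider's vars.discovery file instead of the temporary file; the same `set_var` call works for the Spark pool variables.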

Customizing Spark Pools

This step is optional.

You can customize the resource allocation for Spark pools by modifying their properties. While Spark pools come with predefined default values, these can be adjusted to meet the specific requirements of your jobs.

  1. SSH into the instance where Privacera Manager is installed.
  2. Navigate to the privacera-manager directory using the following command:
    Bash
    cd ~/privacera/privacera-manager
    
  3. Add the following properties to the file for your cloud provider:

    Bash
    vi config/custom-vars/vars.discovery.aws.yml
    
    Bash
    vi config/custom-vars/vars.discovery.azure.yml
    
    Bash
    vi config/custom-vars/vars.discovery.gcp.yml
    

Update the following variables:

Bash
# Spark Pool Configuration default values
DISCOVERY_LISTING_SPARK_POOL_WEIGHT: 1
DISCOVERY_LISTING_SPARK_POOL_MINSHARE: 0
DISCOVERY_OFFLINE_SPARK_POOL_WEIGHT: 1
DISCOVERY_OFFLINE_SPARK_POOL_MINSHARE: 0

DISCOVERY_FASTTRACK_LISTING_SPARK_POOL_WEIGHT: 1000
DISCOVERY_FASTTRACK_LISTING_SPARK_POOL_MINSHARE: 2
DISCOVERY_FASTTRACK_OFFLINE_SPARK_POOL_WEIGHT: 1000
DISCOVERY_FASTTRACK_OFFLINE_SPARK_POOL_MINSHARE: 2

Restart Privacera Services

Bash
cd ~/privacera/privacera-manager
./privacera-manager.sh setup
./pm_with_helm.sh upgrade 

Enable Priority Based Offline Scan

  1. Log in to Privacera:
    • For Self-Managed, log in to the Privacera Portal.
    • For Data Plane, log in to the Privacera Discovery Admin Console.
  2. Navigate to Discovery > Data Source.
  3. Select the data source for which you wish to enable priority-based offline scanning.
  4. Click the Add button, add the resource, and select the Scan Priority from the dropdown.
  5. Click Save.
  6. Click Scan Resource to initiate the scan.
