Agent Client Collector File-Based Discovery

  • Release version: Australia
  • Updated May 4, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Agent Client Collector File-Based Discovery

    Agent Client Collector File-Based Discovery (FBD) is a ServiceNow capability that scans file systems on managed endpoints to identify installed software and maintain file inventories. It operates as a lightweight background process within the existing Agent Client Collector agent and is fully managed from the ServiceNow instance. Administrators configure which directories and files to scan and the scanning frequency. Discovered files and their metadata (name, path, size, version) are sent back to ServiceNow and stored in the CMDB and application tables.

    Show full answer Show less

    To activate FBD, administrators use the Discovery Configuration Console within ServiceNow and enable the File Based Discovery toggle.

    Supported Platforms and Required Plugins

    • Supported operating systems: Windows, Linux, macOS
    • Required plugins:
      • File-based Discovery (com.snc.discovery.filebaseddiscovery)
      • Software Asset Management - File Signature Normalization (com.snc.filesignaturenormalization), auto-activated with File-based Discovery
      • Agent Client Collector - Visibility Content (snaccviscontent)
      • Software Asset Management Professional (com.snc.samp)

    Delta Scanning

    Delta scanning optimizes performance by reducing data transfer during repeat scans under the File Management policy. It works by:

    • Running a full scan initially and saving a fingerprint (snapshot) of file paths and sizes locally.
    • On subsequent scans, reporting only changes: added, modified (size changes), or deleted files.
    • Automatically forcing a full scan after a configured number of delta scans (default is 5) to maintain accuracy.

    Note: Delta scanning does not apply to Software Asset Management (SAM) or Software Identification (SWID) policies, which always perform full scans.

    Archive File Scanning

    This feature enables discovery of files contained inside ZIP and JAR archives, including executables and libraries packaged within them. Archive scanning is disabled by default and can be enabled by setting the snaccviscontent.filediscovery.archivescanenabled property to true (requires discoveryadmin role).

    The agent reads the archive's internal index to enumerate contained files without extracting or decompressing content, collecting only metadata. The same filtering rules applied to normal files on disk (including SAM allowlist and File Management extension rules) are enforced on archived files to ensure relevant data collection.

    Running Process-Based Discovery

    Process-based discovery extends FBD by detecting software running outside configured scan directories through process path detection. This enables the Agent Client Collector for Visibility - Content agent to identify additional software instances not found via file scans alone.

    Agent Client Collector File-Based Discovery (FBD) scans file systems on managed endpoints to discover installed software and track file inventories.

    FBD runs as a lightweight background process within the existing Agent Client Collector agent. It is configured and controlled entirely from the ServiceNow instance. Administrators define which directories to scan, which files to look for, and how often to scan. The agent discovers matching files, collects metadata such as name, path, size, and version, and sends the results back to the instance where they are stored in the appropriate CMDB and application tables.

    To activate FBD, navigate to the Discovery Configuration Console (All > Discovery Definition > Configuration Console) and in the File Based Discovery section, activate the Enable File Based Discovery toggle switch.
    Figure 1. Discovery Configuration Console
    Discovery Configuration Console

    For details on the FBD configuration and system properties, see Agent Client Collector File-Based Discovery properties.

    Supported platforms

    FBD supports the following operating systems:

    • Windows
    • Linux
    • macOS

    Required plugins

    The following plugins are required for File-Based Discovery on Agent Client Collector:

    • File-based Discovery (com.snc.discovery.file_based_discovery)
    • Software Asset Management - File Signature Normalization (com.snc.file_signature_normalization) — Activated automatically once the File-based Discovery plugin is active
    • Agent Client Collector - Visibility Content (sn_acc_vis_content)
    • Software Asset Management Professional (com.snc.samp)

    Delta scanning

    Delta scanning is a performance optimization that applies only to the File Management policy. It reduces the volume of data sent from the endpoint to the instance on repeat scans.

    The delta scanning process works as follows:

    1. First scan — A full scan runs. All matching files are sent to the instance. A fingerprint, which is a snapshot of all discovered file paths and sizes, is saved locally on the endpoint.
    2. Subsequent scans — The scanner compares the current file list against the saved fingerprint and reports only the differences:
      • Added — files that exist now but were not in the previous fingerprint
      • Modified — files that exist in both but with a different size
      • Deleted — files that were in the previous fingerprint but no longer exist on disk
    3. Periodic full scan — After a configured number of delta scans (default: 5), a full scan is automatically forced to verify accuracy and correct any drift.
    Note:
    Delta scanning does not apply to the SAM or SWID policies. These policies always perform a full scan on each run.

    Archive file scanning

    Archive file scanning extends file-based discovery to inspect ZIP and JAR archive files and report the files contained within them. This enables discovery of software artifacts such as executables and libraries that are packaged in the ZIP or JAR files on the endpoint.

    Archive file scanning is disabled by default. To enable it, set the sn_acc_vis_content.file_discovery.archive_scan_enabled property to true. This property requires the discovery_admin role to modify.

    When archive file scanning is enabled, the agent inspects each ZIP or JAR file encountered during a directory scan. The agent reads the archive's internal index to enumerate the files inside. No file content is extracted or decompressed. Only metadata is collected.

    For each file found inside an archive, the agent applies the same filtering rules used for regular files on disk, including SAM allowlist and File Management extension rules. Files that pass the filters are reported alongside other discovered files.

    For filtering rules and performance safeguards, see Archive file scanning filtering rules and limits.