Anti-Virus and HIPS Exclusion / Whitelisting on Linux/BSD/Unix

Have Anti-Virus or HIPS software installed? It's required that the following files, directories, and processes are excluded or whitelisted in all security software installed on the system in order to prevent conflicts with the Cloud Agent.

Directory list used by Cloud Agent installation :

On Linux/BSD:

/etc

/etc/init.d //Linux

/etc/rc.d //BSD

/etc/qualys

/etc/qualys/cloud-agent

/etc/qualys/cloud-agent/.centos //Linux

/etc/qualys/cloud-agent/cert

/etc/qualys/cloud-agent/.suse //Linux

/etc/qualys/cloud-agent/.systemd //Linux

/usr/local

/usr/local/qualys

/usr/local/qualys/cloud-agent

/usr/local/qualys/cloud-agent/bin

/usr/local/qualys/cloud-agent/lib

/usr/share/doc

/usr/share/doc/qualys-cloud-agent-<version>

On Unix:

/etc/opt/qualys

/etc/opt/qualys/cloud-agent

/etc/opt/qualys/cloud-agent/cert

/etc/qualys

/opt/qualys

/opt/qualys/cloud-agent

/opt/qualys/cloud-agent/bin

/opt/qualys/cloud-agent/lib

/opt/qualys/cloud-agent/manifests

/opt/qualys/cloud-agent/setup

/usr/share/doc

/usr/share/doc/qualys-cloud-agent-<version>

/var/opt/qualys

For agent version 1.6, files listed under /etc/opt/qualys/ are available at /etc/qualys/, and log files are available at /var/log/qualys.

Agent daemon process "qualys-cloud-agent"

The agent runs as daemon process "qualys-cloud-agent".

The agent runs various read-only commands during the scanning process. These are the same commands run by a scan using a scanner appliance. Learn more

Some transient files are created during agent execution

/usr/local/qualys/cloud-agent/Config.db - this is the current agent configuration

/usr/local/qualys/cloud-agent/manifests/*.db - this contains manifested used during agent based scans