Scan Settings
The Scan Settings page displays your license utilization and configuration settings for Container Security scans.
The License Utilization section displays your current license usage. For more information, see License Requirements. To reduce your license utilization, To reduce your license utilization, delete assets on the Images tab of the Assets page. For more information, see Assets.
Use the fields below to point to the different registries that you want to scan for images. You can further refine this by explicitly indicating when to scan, the number of scans, and exactly where to scan.
Note: These settings do not apply to active scans. To apply these settings to an active scan, you must stop and restart the scan after saving the settings.
| Option | Description |
|---|---|
|
Global Settings |
|
|
Images with a build time less than |
Images built in the last 90 days are scanned by default. You can customize this setting to scan images built within a minimum of 1 day or a maximum of 10,000 days; otherwise the default of 90 days will apply. |
|
Maximum number of images to scan per repository |
The default scan limit is 20 images per repository. You can customize this setting to scan a minimum of 1 image or a maximum of 100,000,000 images; otherwise, the default limit of 20 images will apply. |
| Live scans |
Enable this setting to perform continuous vulnerability assessment against the existing container image inventory after each plugin feed update. Scheduled scans take priority in the queue over live scans and do not block plugin feed updates. Note: Live scans may take longer to process if they overlap with scheduled scans, because live scans have lower priority. |
|
Scan Inclusion Use these fields to specify the registry, repository, and image tags to include in your scans. Container Security will prioritize matching images to consume available licenses in subsequently scheduled scans. Note: Using an asterisk (*) will include all. |
|
|
Registry Name |
The name of the registry you want to prioritize in scans. |
|
Repository Name |
The name of the repository you want to prioritize in scans. |
|
Tag |
The image tags you want to prioritize in scans. |
|
Scan Exclusion Use these fields to specify the registry, repository, and image tags to exclude from your scans. Container Security will exclude matching images from scans, and will not consume licenses in subsequently scheduled scans. Note: Using an asterisk (*) will include all. |
|
| Registry Name |
The name of the registry you want to exclude from scans. |
| Repository Name |
The name of the repository you want to exclude from scans. |
| Tag |
The image tags you want to exclude from scans. |