PerformOracleJavaAuditScan

IT Asset Management (Cloud)

Command line | Registry

Tip: This preference requires that the up-to-date InventorySettings.xml file is either:

Co-located with the FlexNet Inventory Scanner (or the scanner-like ndtrack.sh on UNIX-like platforms)
Correctly installed with the fully-installed FlexNet Inventory Agent.

Unless this condition is met, this preference is ignored.

The Oracle Java audit scan collects additional information on the Java installations found on the system being scanned - such as build type (for example, commercial), installation date, presence of the release file, and publisher. These additional properties together with some hardware information from the system are incorporated into the OracleGLASEvidence.zip archive, ready for submission when an audit is required.

By default, the tracker (ndtrack executable) assumes the value False for this preference, and therefore takes no related action. However, if an operator sets the Enable collection of Oracle Java audit data check box located on the Inventory Settings page (Data Collection > IT Assets Inventory Tasks > Inventory Settings), the change is distributed through device policy to the locally-installed FlexNet Inventory Agent on all managed inventory devices. When the check box selection arrives through device policy, it is saved by setting this preference to True in the registry, as shown in the table below. Alternatively (as is typical for preferences), the preference may be set in the registry manually or through the use of a third-party registry management tool; or it may be set in the command line for the tracker.

Important: For the PerformOracleJavaAuditScan preference to take effect, the following preferences must also be set:

PerformLocalScripting must be true (this is its default value).
IncludeDirectory must not be turned off through the web interface of FlexNet Manager Suite. This is controlled through the Inventory Settings page (Data Collection > IT Assets Inventory Tasks > Inventory Settings), where for each type of computer platform, there are three options:
- Do not collect file evidence — Do not select this option, since turning off collection of file evidence prevents gathering of inventory for Oracle Java audit.
- Collect file evidence for all folders — This setting requires a careful balancing act:
  - On the one hand, use this option with caution, since its effect is not limited to Java products. It may cause very large increases in total file evidence collected, uploaded, and processed during license reconciliation, and may therefore have major impacts on system performance. (However, the good news is that, if you use this setting temporarily and then turn if off again, excess uploaded file evidence that subsequently disappears from future inventory uploads is automatically cleaned up in the next compliance calculation.)
  - On the other hand, Oracle requires that all folders are scanned, to ensure that no installations of Java are overlooked.
- Collect file evidence for specified folders — You may use this option to specify as many directories as needed to ensure coverage of all your Java installations. Keep in mind that these settings are distributed through policy to all managed inventory devices (those getting policy from an inventory beacon and uploading to one as well) throughout your computing estate. The option is therefore best suited if you distribute a Standard Operating Environment (SOE) to your servers, so that Java products are installed in folders consistently named per platform across your enterprise.
Optionally, as always, ExcludeDirectory may be used, for example, to filter out child directories that are not required from the parents included in the previous settings.

Once PerformOracleJavaAuditScan is set to True (and its prerequisites are correctly set), the FlexNet Inventory Agent (version 18.4.0 or later) collects the inventory that Oracle requires for Java audits. The collected inventory is included with the standard archived .ndi file for each inventory upload, and eventually imported into IT Asset Management through the standard processes.

Remember: By default, the uploaded data is only available within IT Asset Management, and not included in the nightly archive saved for possible submission to Oracle. A separate check box, Include Oracle Java (on the Inventory tab of the IT Asset Management Settings General page) allows the uploaded data and files to be incorporated into the OracleGLASEvidence.zip archive, ready for submission when an audit is required.

Important: On the Windows platform, only the java.exe executables that are digitally signed will be processed. For the java.exe executables that are not digitally signed, file evidence will still be reported, but the executables will not be executed to obtain version information, nor will additional Java verification checks be performed. For details about command line parameters, see Common: Child Processes on Windows Platforms.

Values

Values / range	Boolean (`True` or `False`)
Default value	`False` Tip: If the preference has not been set in the registry following the download of device policy, this default value is supplied by the tracker internally.
Example values	`True`

Command line

Tool	`ndtrack`
Example	`-o PerformOracleJavaAuditScan=true`

Registry

Installed by	Either: Manual configuration (without which, code internals supply the default) Download of device policy that sets the value to `True`.
Computer preference	`[Registry]\Managesoft\Tracker\CurrentVersion`

IT Asset Management (Cloud)

Current