Node Scan Ignore Lists

In Cloudhouse Guardian (Guardian), node scans and drift reports are made up of individual configuration items that are checked on each node. Configuration items can range from verifying the version of a specific application installed on the node to verifying a node's IP address. However, some configuration items might be more important to you than others. For example, in the case of verifying a node's available disk space, this will likely vary on a regular basis, so there is little need to include it in scans and drift reports. Instead, you might choose to add the disk space configuration item to what's called an "ignore list" so it doesn't appear in these instances. If you add an item to an ignore list, that item is still included in policy and benchmark checks run by Guardian.

Ignore lists can be configured at the node group level, meaning you can create one ignore list that applies to all nodes in a given node group. You can also add items to one overarching ignore list that applies to all nodes in your inventory. Once you've created an ignore list, these items are automatically hidden when viewing difference reports or node scans. However, if you want to view these items, you can do so by toggling them back into view.

Note: This article covers setting up ignore lists for node scans and drift reports. For more information on adding ignored items to group difference reports, see Group Diff Ignore Lists.

Screenshot of a node's scan results with the Ignore Options panel displayed.

Add a Configuration Item to an Ignore List

Configuration items can be added to ignore lists directly from the Node Scan Results page. On this page, each configuration item is represented by a colored square that you can hover your cursor over or select to view more information. Once you identify the configuration item you wish to ignore, you can add it to an ignore list for one or more node groups.

To add a configuration item to an ignore list, complete the following process:

Tip: To learn how to add a wildcard to an ignore list, see View and Edit an Ignore List.

  1. From the Monitored (InventoryMonitored) tab, select a node to view its most recent scan results.

  2. Right-click the configuration item you want to ignore. The context menu is displayed.

  3. From Add to Ignore List, select the node group you want to ignore this configuration item.

    Screenshot of a node's scan results with the context menu displayed and the Add to Ignore List option highlighted

A confirmation dialog is displayed at the top of the page letting you know the configuration item will now be ignored in scans of nodes that belong to that group. By default, you will no longer see this configuration item in node scan results or drift reports, though the configuration items themselves will still exist within Guardian. If you wish to toggle these items back into view, you can do so using the Ignored Items toggle in the left sidebar of the Node Scan Results page or drift reports.

Screenshot of a node's scan results with the Ignored Items toggle highlighted.

View and Edit an Ignore List

You can view existing ignore lists either from the Node Scan Results page or from a node group's Scan Options page. You can also edit ignore lists from either location.

To view/edit an ignore list from the Node Scan Results page, complete the following process:

  1. From the Monitored  tab, select a node to view its most recent Node Scan Results page.

  2. Click the Editbutton (Edit icon as shown in the Guardian user interface.) beside Ignored Items in the Display drop-down menu. The Ignore Options panel opens, showing all currently ignored items for this node as well as which node group the ignored item applies to.

In the Ignore Options panel, you can see a breakdown of each ignored item as it applies to this node, broken down by which node group the ignored item has been assigned to. The relevant node group is listed in italics beside the Delete button (Delete button as shown in the Guardian user interface.). To remove a configuration item from the ignore list, click the Delete button.

Note: When removing items from an ignore list using this method, be aware that your changes will affect every node in the relevant node group., not just the node you are currently viewing.

To view/edit an ignore list from the Scan Options page, complete the following process:

  1. From the Monitored (InventoryMonitored) tab, select a node group from the Node Groups drop-down menu.

  2. Click the Setting button (Settings button as shown in the Guardian user interface.) beside the node group's name.

  3. Select Edit to open the node group's settings.

    Screenshot of the Monitored tab with the Gear and Edit options highlighted for a node group.

  4. Click the drop-down arrow beside Ignored Items.

Any existing ignored items for the selected node group are displayed here. To remove an item from the ignored items list, click the Delete button (Delete button as shown in the Guardian user interface.) beside that item. To edit the entire list at once, click the Edit button. The node group's ignore list is displayed in JSON. Here, you can use wildcards to define variable configuration items. Once you've made your changes, click the Checkmark button (Checkmark button as shown in the Guardian user interface.) to save them.

Screenshot of the Node Group Settings page with the Ignored Items JSON text edit box highlighted.