CT-Ops
Software Inventory Settings
Global CT-Ops settings that control installed software inventory scans.
The Software Inventory settings page controls whether CT-Ops agents collect installed package data and how often scheduled scans should run. These settings affect the host Inventory -> Packages tab, vulnerability matching that depends on package inventory, and the global Installed Software report.
Open the page from Settings -> Agents -> Software inventory. The application
route is /settings/agents/software.
Access and scope
Only instance administrators can open and change this page. Non-admin users can view host inventory where their role allows it, but they cannot enable scanning or change scan settings.
The settings are instance-wide. They apply to enrolled hosts in the current instance unless a feature uses a more specific host-level collection control.
Software Inventory card
The page shows an admin tab bar for the Agents settings area:
| Tab | Destination |
|---|---|
| Enrolment | /settings/agents |
| Host defaults | /settings/agents/defaults |
| Tag rules | /settings/agents/tags |
| Software inventory | /settings/agents/software |
The Software Inventory card explains that agents scan installed packages and that results appear on each host’s Inventory tab and in the global Installed Software report.
Fields and controls
| Field or control | Default | Validation | What it does |
|---|---|---|---|
| Enable software inventory scanning | Off when no setting has been saved | Boolean switch | Turns scheduled installed-package scans on or off for the instance. When off, hosts with no prior scan show a disabled inventory state. Existing package rows remain available until normal data changes remove or supersede them. |
| Scan interval (hours) | 24 | Integer from 1 to 720 hours | Controls how often each host is expected to run a software inventory scan. 720 hours is 30 days. This field is shown only when scanning is enabled. |
| Include Snap and Flatpak packages (Linux) | Off | Boolean checkbox | Requests additional Linux application sources when the agent supports them. Use it when Snap or Flatpak packages matter for vulnerability, audit, or drift checks. |
| Include Windows Store apps | Off | Boolean checkbox | Requests Windows Store app inventory when the agent supports it. Use it when Store-installed applications need to appear in software evidence. |
| Save | Disabled until local changes exist | Server-side settings validation | Persists the current settings. The button changes to Saving… while the request is in flight. |
| Saved | Hidden | Appears after a successful save | Confirms the server accepted and stored the settings, then clears automatically after a short delay. |
If the server rejects the update, the settings are not saved. Common causes are missing administrator access or a scan interval outside the allowed range.
Behavior affected by these settings
The setting changes are visible in host inventory workflows:
| Area | Effect |
|---|---|
| Host Inventory -> Packages | If scanning is disabled and the host has no previous scan, the Packages tab tells the operator to enable software inventory here. |
| Stale inventory warning | The Packages tab treats a scan as stale when the last completed scan is older than twice the configured interval. With the default interval, that means older than 48 hours. |
| Manual Rescan now | Manual scans still create an on-demand software_inventory task for an administrator. Use this after patching or when waiting for the next scheduled interval would slow triage. |
| Vulnerability matching | Host package vulnerability findings depend on recent package inventory. If scans are disabled or stale, vulnerability evidence may lag behind the actual host state. |
| Installed Software report | The global report uses collected package rows. Disabling scans stops new scheduled package data from being collected. |
Operator guidance
Enable software inventory for production hosts where CT-Ops is expected to support vulnerability triage, audit evidence, and package drift review. Keep the interval short enough for operational decisions: 24 hours is a practical default, while faster-moving environments may need a shorter interval.
Use the optional package source checkboxes only when those ecosystems are relevant to your estate. Extra sources can increase scan time and row counts, so they are most useful when Snap, Flatpak, or Windows Store packages are part of the software baseline you need to manage.