Run Linux SSH Scan
  • 1 minute to read
  • Print
  • Share
  • Dark

Run Linux SSH Scan

  • Print
  • Share
  • Dark

The Run Linux SSH Scan action runs an SSH scan on each of the query results, which are endpoint Linux machines.
The scan retrieves important information about the device, including:

  • Hostname
  • Network Interfaces - including MAC addresses, IP addresses and subnets
  • Operating system, kernel version and distribution
  • A list of installed software
  • Users and admin users
  • Hard drives and file systems
  • CPUs and RAM
  • Hardware details, including serials
  • and more...

Most of the Linux SSH scan information is also displayed under the various asset aggregated data tables.
For more details, see Device Profile screen.

The Linux SSH adapter is a 'read only' adapter. The adapter only gathers information about the endpoint Linux machine and does not change it.

It is safe to use the adapter to fetch information from production environments.

For details on the list of used commands and read files, see Connecting Linux SSH Adapter.

To configure the Run Linux SSH Scan action, do as follows:

  1. From the Action Library, click Run Command, and then click Run Linux SSH Scan.


  1. Define a unique action name.
  2. Specify the information required to run the Linux SSH Scan. The action configuration and logic are the same as the ones used when Connecting Linux SSH Adapter.
  3. If you are using multi-nodes, choose the Axonius node to use to interact with the adapter when executing the enforcement action.
  4. Save the action.

For more details on other available enforcement actions, see Action Library.
For more details on Enforcement Set configuration, see Enforcement Set configuration.

Was this article helpful?