Agents¶

Agents automatically collect software inventory from your systems.

Overview¶

SentriKat supports multiple methods for inventory collection:

Method	Platform	Automation	Best For
Windows Agent	Windows	Scheduled	Workstations, servers
Linux Agent	Linux	Scheduled	Linux servers, containers
macOS Agent	macOS	Scheduled	Mac workstations
Container Scanning	Linux/Windows/macOS	Automatic	Docker & Podman endpoints
Lansweeper	Any	Scheduled	Existing Lansweeper environments
PDQ Deploy	Windows	Push	Managed Windows networks
SCCM/Intune	Windows	Push	Enterprise environments
REST API	Any	Custom	Custom integrations

Quick Start¶

WindowsLinuxmacOS

# Download
Invoke-WebRequest https://app.sentrikat.com/agents/sentrikat-agent-windows.ps1 -OutFile agent.ps1

# Install
.\agent.ps1 -Install -ServerUrl "https://app.sentrikat.com" -ApiKey "YOUR_KEY"

# Download
curl -sSL https://app.sentrikat.com/agents/sentrikat-agent-linux.sh -o agent.sh

# Install
chmod +x agent.sh
./agent.sh --install --server https://app.sentrikat.com --api-key YOUR_KEY

# Download
curl -sSL https://app.sentrikat.com/agents/sentrikat-agent-macos.sh -o agent.sh

# Install
chmod +x agent.sh
sudo ./agent.sh --install --server https://app.sentrikat.com --api-key YOUR_KEY

On-Premises users

Replace https://app.sentrikat.com with your self-hosted SentriKat URL in the commands above.

Agent Architecture¶

graph LR
    A[Agent] -->|Inventory Report| B[SentriKat API]
    A -->|Container Scan| B
    A -->|Extension Scan| B
    A -->|Dependency Scan| B
    B -->|Store| C[Database]
    C -->|Match| D[KEV Catalog]
    D -->|Alert| E[Notifications]

Agents:

Collect installed software (OS packages, applications)
Detect and scan Docker/Podman container images (v1.2.0+)
Scan VS Code extensions (opt-in)
Scan code dependencies — Python, Node.js, Ruby, Rust, Go, PHP (opt-in)
Send inventory and scan results to SentriKat API
Run on configurable schedule
Support delta updates

API Keys¶

Create dedicated API keys for agents:

Go to Settings → Agent Keys
Click Create Key
Configure:
Name: Descriptive name
Key Type: Server or Client — separates infrastructure from end-user workstations (see below)
Max Assets: Optional limit
Allowed IPs: Restrict source IPs
Auto-Approve: Skip pending approval
VS Code Extension Scanning: Enable to scan VS Code extensions on endpoints
Code Dependency Scanning: Enable to scan project dependencies (pip, npm, gem, cargo, go, composer)
Copy the key (shown once only)

Key Types¶

Type	Use Case	Example
Server	Infrastructure, servers, CI/CD	Domain controllers, web servers, build agents
Client	End-user workstations, laptops	Developer machines, office PCs

Key type determines how the dashboard groups vulnerabilities. Use the Key Type toggle on the dashboard to filter vulnerabilities by server or client infrastructure.

Scan Capabilities¶

Both VS Code Extension Scanning and Code Dependency Scanning are opt-in per API key. When enabled, agents using that key automatically scan for the corresponding software — no client-side configuration needed.

See Extension & Dependency Scanning for full details on supported ecosystems and scan behavior.

Agent Management¶

View Agents¶

Go to Admin → Assets to see:

Connected agents
Last check-in time
Software count
Agent version

Agent Status¶

Status	Description
Online	Checked in within 24h
Stale	No check-in for 24-72h
Offline	No check-in for 72h+

Decommission Agent¶

Find agent in Assets
Click Decommission
Confirm

This: - Marks agent as inactive - Preserves historical data - Stops counting against license

Detailed Guides¶

Windows Agent - Full Windows agent guide
Linux Agent - Full Linux agent guide
macOS Agent - Full macOS agent guide
Container Scanning - Docker & Podman image scanning
Extension & Dependency Scanning - VS Code extensions and code dependencies
Lansweeper - Lansweeper IT asset integration
PDQ Deploy - PDQ integration
SCCM/Intune - Microsoft tools
REST Import - Custom API integration