Collections

Collections Overview

When agents are deployed to endpoints, the agent begins to run discovery. During the discovery process, Keeper automatically builds out resource collections. Collections are categorized into the following types:

• Applications

• Machines

• Users

• Operating Systems

Custom Collections

Admins can also create their own custom collections within Applications, Machines and Users.

Creating a Collection

Click on New Collection to create a collection and assign attributes. For example, a custom collection "Developers" can be created which includes all software engineers. Or a custom collection of type "Machines" might be called "Web Servers" where only web servers are added to the collection. Or as another example, a custom collection of type "Applications" might be called "Developer Tools" where applications such as GitHub.exe or Visual Studio Code is included.

Application Collections

An application collection represents all of the available executables across the fleet of endpoints. Applications can be grouped into custom collections.

Application objects contain information such as:

• Product Name

• Product Version

• File Version

• File Hash

• Publisher Certificate

Custom Application Resources

A custom application resource can be defined by the Admin, such as a specific executable. Click on "Add Item to Collection" and select "Manually define resource" to submit the information.

Machine Collections

A machine collection represents the endpoint operating system. It includes the following attributes:

• Machine Name / Identifier

• Operating System Type

• Operating System Version

Machines are automatically aggregated and grouped based on the agent discovery process.

Operating System Collections

The operating system resources are automatically discovered by the Keeper agent, and made available as a collection for applying policies. The attributes collected include:

• Operating System Name

• Operating System Version

User Collections

The Keeper agent discovers all of the local users and groups across the fleet of endpoints. They are aggregated and built into "User" collections. Inside of the User collection are sub-collections including "User Groups" and "All Accounts" which are read-only.

Applying Policies

After collections have been established by the discovery process, policies can be applied to device collections and deployment collections to control privilege on all of the endpoints. Visit the Policies page to learn more.

Automation with Commander

Keeper Commander supports collection automation through our command-line interface, Service Mode REST API and Python SDK. Learn more about Endpoint Privilege Manager commands.

Collections

The pedm collection command provides management over collections.

Next Steps

Once you have deployed the agent and set up collections, it's time to apply policies.