Scheduling Scans

PII Scanner supports both scheduled and on-demand scan jobs. Scheduled scans allow you to automate regular sweeps of your file systems without manual intervention, ensuring that sensitive data discovery runs consistently as part of your ongoing compliance and security monitoring program. This article covers how to create scan jobs, configure schedules, and manage the scan job lifecycle.

---

Understanding scan jobs:

A scan job defines:

• The client agent that will execute the scan
• The file system path to scan
• The file extensions to include or exclude
• The PII classes to detect
• The target host where results are sent (your LT Auditor ^MP server)

Each scan job is executed by a single client agent. The agent claims the job on its next poll cycle, executes the scan, forwards any matches to LT Auditor ^MP in real time, and reports completion back to the PII Scanner Server.

Scan results are not stored in the PII Scanner Server. All detected PII matches are forwarded directly and exclusively to LT Auditor ^MP via the configured target host.

---

Accessing scan job management:

Log in to the PII Scanner Server web UI at:
https://<PII_Scanner_Server_IP>:52766

2. Navigate to Admin → Jobs
3. The jobs list displays all scan jobs with their name, assigned agent, target path, status, and timestamps

---

Creating a new scan job:

1. Click Add Job
2. Configure the job details:

Job Name (required) A descriptive identifier for the scan. Use a name that clearly communicates the scope and purpose:

• Q2 2026 HR File Server Scan
• Monthly Finance Share PII Sweep
• Weekly Legal Documents Scan

Client (required) Select the registered agent that will execute the scan from the dropdown list. The selected agent must:

• Be currently Online
• Have read access to the specified scan path
• Have sufficient resources to perform the scan

Path to Scan (required) The full path to the directory or file to scan.

Windows path examples:

C:\SharedDocuments

\\fileserver01\departments\hr

D:\Projects\Legal

Linux path examples:

/mnt/shares/documents

/home/shared/data

/opt/company/archives

Include Extensions (optional) A comma-separated list of file extensions to limit the scan to. Leave blank to scan all file types:

*.docx, *.xlsx, *.pdf

*.txt, *.csv, *.log

*.doc, *.xls, *.ppt, *.docx, *.xlsx, *.pdf

PII Classes (required) Select one or more PII detection patterns to apply during the scan. Use the dual-list selector to move classes from the Available list to the Selected list. The agent will apply all selected patterns to every file it scans.

Target Host (required) Select the LT Auditor ^MP destination where scan results will be sent. Results are forwarded in real time as matches are found.

3. Click Queue Job

The job appears in the jobs list with a status of Queued. The assigned agent will claim and begin the job on its next poll cycle (default: every 1 minute).

---

Scheduling recurring scan jobs:

PII Scanner executes jobs on demand when queued. To schedule recurring scans, use one of the following approaches:

Option A — Windows Task Scheduler (Windows server hosting PII Scanner):

Create a scheduled task that calls a script to queue a new scan job via the PII Scanner API at your desired interval:

1. Open Task Scheduler on the PII Scanner Server
2. Click Create Task
3. Configure the trigger:
   • Daily — for frequent sensitive path monitoring
   • Weekly — for broader file system sweeps
   • Monthly — for comprehensive archive scans
4. Configure the action to call your job queuing script
5. Save the task

[Your administrator should create and document the job queuing script and scheduled task configuration for your environment.]

Option B — Linux Cron Job (Linux server hosting PII Scanner):

Add a cron job to queue scan jobs at your desired interval:

# Open crontab editor

crontab -e

# Example: Queue a scan job every Monday at 2:00 AM

0 2 * * 1 /opt/bluelance/scanner/queue_scan_job.sh

# Example: Queue a scan job on the 1st of every month at midnight

0 0 1 * * /opt/bluelance/scanner/queue_scan_job.sh

[Your administrator should create and document the job queuing script and cron job configuration for your environment.]

---

Recommended scan schedule:

Scan Type	Recommended Frequency	Notes
High-risk directories (HR, Finance, Legal)	Weekly	Focus on shares with frequent data changes
General file servers	Monthly	Broader coverage of less frequently changed data
Archive and backup locations	Quarterly	Older data stores with infrequent changes
Full environment sweep	Annually	Comprehensive coverage for annual compliance review

[Your administrator should adjust scan frequency based on your organization’s data handling practices and compliance requirements.]

---

Understanding the job lifecycle:

Once a job is queued, it progresses through the following statuses:

Status	Description	Badge Color
Queued	Job created and waiting for an agent to claim it	Gray
Running	Agent is actively scanning the specified path	Yellow
Succeeded	Scan completed successfully	Green
Failed	Scan encountered an error and did not complete	Red

---

Monitoring active scan jobs:

While a scan is running, monitor its progress in the jobs list:

1. Navigate to Admin → Jobs
2. Locate the running job — it will show a status of Running
3. Review the job details:
   • Client — the agent executing the scan
   • Path — the directory being scanned
   • Started — when the agent claimed and began the job
   • Records Processed — the number of files scanned so far
4. Refresh the page periodically to see updated progress

---

Viewing completed scan results:

Scan results are not stored in the PII Scanner Server — all matches are forwarded to LT Auditor ^MP in real time. To view results after a scan completes:

1. Log in to the LT Auditor ^MP Web UI
2. Navigate to View
3. Select the environment and category configured to receive PII Scanner data
4. Set the date range to cover the scan period
5. Filter by Source — PII Scanner or by the job name if available
6. Review the results — each match includes:
   • The file path where PII was found
   • The PII class that matched
   • The line number and context of the match
   • The timestamp of detection

---

Managing scan jobs:

Cancelling a running job: If a scan job needs to be stopped before completion:

1. Locate the running job in the jobs list
2. Click the Cancel button next to it
3. Confirm the cancellation The agent will stop scanning on its next check-in cycle.

Requeuing a failed job: If a job fails and needs to be rerun:

1. Locate the failed job in the jobs list
2. Review the error details to identify and resolve the cause
3. Click Requeue to submit the job again
4. Confirm the agent is online before requeuing

Deleting a completed job:

1. Locate the job in the jobs list
2. Click the Delete icon
3. Confirm the deletion

Deleting a completed job removes it from the jobs list. Results already forwarded to LT Auditor ^MP are retained and are not affected.

---

Best practices:

• Schedule broad scans outside of business hours to minimize impact on file server performance and user productivity
• Break large file systems into multiple focused scan jobs rather than one enormous scan — this makes it easier to monitor progress and isolate failures
• Always confirm the assigned agent is online before queuing a job — a job assigned to an offline agent will remain in Queued status indefinitely
• Start with your highest-risk directories (HR, Finance, Legal) before expanding scan coverage to lower-risk areas
• Use descriptive job names that include the scope, date, and purpose so the jobs list remains organized and auditable
• Review scan results in LT Auditor ^MP promptly after each scan to identify and act on any sensitive data found in unexpected locations
• Retain a record of completed scan jobs and their results as evidence of your data discovery program for compliance audits

[Your administrator should document your organization’s scan schedule, the paths covered by each job, and the agents assigned to each path so the scanning program is fully auditable.]