Targets define the outbound destinations where PII Scanner agents forward detected PII matches after completing a scan. In most deployments the target is the LT Auditor-MP syslog receiver. Targets are configured centrally on the PII Scanner Server and selected when creating scan jobs and schedules.
Understanding targets:
Scan results are not stored on the PII Scanner Server. All detected PII matches are forwarded in real time by the scanning agent directly to the configured target destination as matches are found during the scan. Configuring at least one target is required before scan jobs can be created.
Accessing the Targets page:
- Log in to the PII Scanner Server web interface at https://<server-name>:52766
- Navigate to Targets in the main navigation
The Targets page displays all configured destinations with their name, host, port, and protocol.
Adding a new target:
- Click Add Target
- Configure the target details:
Name: An optional friendly identifier for the target:
Examples:
Production LT Auditor MP
Development LT Auditor MP
Target Server / Host: The hostname or IP address of the destination server:
Example: ltauditor.company.com
Example: 192.168.1.100
Port: The syslog port on the destination server:
Default: 514
TLS default: 6514
Protocol: Select the transport protocol:
| Protocol | Description | Recommended Use |
| UDP | Fast, no delivery guarantee | Lower security requirement environments |
| TCP | Reliable delivery | Production environments โ recommended |
| TLS | Encrypted TCP | Production environments with strict security requirements |
- Click Save
TLS configuration:
When TLS is selected as the protocol, the following additional settings are available:
| Setting | Description |
| TLS Certificate Path | Path to the CA certificate file for server verification |
| Verify Certificate | Enable to validate the server certificate โ recommended for production |
| Server Name | Hostname used for TLS certificate validation (SNI) โ required when Verify Certificate is enabled |
| Client TLS | Enable mutual TLS โ requires the agent to present a client certificate |
| Client Certificate Path | Path to the client certificate file โ required when Client TLS is enabled |
| Client Certificate Password | Password for the client certificate file โ required when Client TLS is enabled |
When Verify Certificate is enabled, a Server Name value is required. If no server name is provided the target configuration cannot be saved.
Example production TLS target configuration:
| Setting | Value |
| Name | Production LT Auditor MP |
| Host | ltauditor.company.com |
| Port | 6514 |
| Protocol | TLS |
| Verify Certificate | Yes |
| Server Name | ltauditor.company.com |
Editing a target:
- Locate the target in the Targets list
- Click the Edit icon
- Modify the settings as needed
- Click Save
Changes to a target take effect on the next scan job that uses it. Jobs currently running will complete using the previous target configuration.
Deleting a target:
Confirm no active scan jobs or schedules are using a target before deleting it. Deleting a target that is referenced by an existing schedule will prevent that schedule from creating new jobs correctly.
- Locate the target in the Targets list
- Click the Delete icon
- Confirm the deletion
Verifying target connectivity:
Before creating scan jobs, confirm the PII Scanner Server can reach the configured target destination:
On Windows:
Test-NetConnection -ComputerName <target-host> -Port <port>
On Linux:
nc -zv <target-host> <port>
A successful response confirms the port is open and reachable. If the connection fails review firewall rules between the PII Scanner Server and the LT Auditor-MP syslog receiver.
Best practices:
- Configure and verify at least one target before creating any scan jobs
- Use TCP or TLS rather than UDP in production environments for reliable result delivery
- Enable Verify Certificate for TLS targets in production to ensure scan results are being forwarded to the correct destination
- Test target connectivity before placing jobs into production
- Use descriptive target names so the correct destination is easy to identify when creating scan jobs and schedules
- Document each target’s host, port, and protocol so the configuration is auditable
[Your administrator should confirm the LT Auditor-MP syslog listener port and protocol before creating the target, and ensure the LT Auditor-MP transformation rule is configured to receive PII Scanner forwarded events.]