LT Auditor-MP PII Scanner is a distributed data discovery platform that identifies Personally Identifiable Information (PII), Protected Health Information (PHI), and other categories of sensitive data across your organization’s file systems. It consists of a centralized server application with a web-based administrative interface and a companion scanning agent deployed on the machines whose file systems you want to scan.
How PII Scanner works:
The server manages all aspects of the scanning program โ clients, scan jobs, PII detection rules, target destinations, and scheduled jobs. Agents register with the server, poll for queued scan jobs, scan local or network file paths for sensitive data patterns, and forward results to a configured destination such as an LT Auditor-MP server.
Data flow:
- Administrator defines PII detection classes and configures target destinations in the server web UI
- Administrator creates a scan job or schedule, assigning it to a registered agent
- The agent polls the server and claims the queued job
- The agent scans the specified file path using the selected PII detection patterns
- Detected PII matches are forwarded in real time to the configured target (LT Auditor-MP)
- The agent reports job completion back to the server
- Results are available in LT Auditor-MP for review, alerting, and compliance reporting
Core components:
PII Scanner Server An ASP.NET Core 8 web application that hosts the administrative interface and REST API. It manages client registrations, scan jobs, PII class definitions, target destinations, and scheduled jobs. The server runs as a Windows Service or Linux systemd service and uses a SQLite database for persistence. The web interface is accessible via browser on port 52766 (HTTPS) or 52765 (HTTP).
PII Scanner Agent A Python-based scanning agent deployed on machines whose file systems you want to scan. The agent registers with the PII Scanner Server, polls for available jobs at a configurable interval, executes scans against specified file paths, and forwards detected PII matches to the configured target destination in real time.
Key capabilities include:
- Detection of PII, PHI, and other sensitive data types using configurable regex-based patterns
- Support for scanning Windows and Linux file systems and network shares
- Centralized scan job management through a web-based administrative interface
- On-demand and scheduled recurring scan jobs
- Real-time forwarding of scan results to LT Auditor-MP via UDP, TCP, or TLS syslog
- Support for multiple simultaneous scanning agents across large environments
- Configurable file extension filtering per scan job
- Runs as a Windows Service or Linux systemd service
Supported PII and sensitive data class types:
- PII โ Personally Identifiable Information
- PHI โ Protected Health Information
- Sensitive
- Confidential
- Private
Common use cases:
- Identifying where sensitive data lives across your file systems
- Detecting PII or PHI in unexpected or unauthorized locations
- Supporting GDPR, HIPAA, PCI-DSS, and NIS2 compliance requirements
- Producing evidence of data discovery efforts for auditors
- Automating recurring data discovery across high-risk directories
How PII Scanner fits into LT Auditor-MP:
PII Scanner extends LT Auditor-MP’s capabilities into proactive data discovery. While other modules like EventLogCentral and Azure Log Connector monitor activity as it happens, PII Scanner actively interrogates file systems to find where sensitive data exists โ giving organizations the visibility needed to make informed decisions about access controls, data governance, and compliance obligations.
[Your administrator should confirm which file systems and data types are in scope for scanning in your environment, and ensure scanning activity complies with any applicable data privacy policies.]