Appendix A. Seeker Environment Variables

Seeker uses a number of operating system (OS) environment variables and Java Virtual Machine (JVM) properties that administrators can configure to customize and fine-tune the behavior of Seeker server and Agents.

The variables are listed in separate sections by categories, such as Basic Agent Settings or Advanced System Settings. In a section, each entry contains OS variables and/or JVM properties that can be used for the same setting for different technologies.

The OS variable names are in the SEEKER_VAR_NAME format. The JVM properties are in the seeker.var.name format or seeker.var_name for PHP. They are defined in a CLI with the prefix:

For Java: -D, for example, -Dseeker.project.key=webgoat
For PHP: -d, for example, -d seeker.project_key=drupal

Priority Order of Configuration Settings

You can configure the behavior of Seeker Agents either by setting environment variables or JVM properties, or via configuration files. When configuring these settings, consider their priority order that is listed in the table below.


Agents	Priority Order
Java	The agent.json file in the `SEEKER_HOME_DIR`, if used JVM property Environment variable Properties file Project configuration in the Seeker UI, where applicable
.NET Core, .NET Framework	Entries in the dotnet-agent.config file (available only for IIS on Windows systems) Environment variable Project configuration in the Seeker UI, where applicable
Node.js, Go, Python	Environment variable only Project configuration in the Seeker UI, where applicable
PHP	Entries in the seeker.ini file Environment variable Project configuration in the Seeker UI, where applicable

Basic Agent Settings

This section lists the variables that define basic Agent-related settings on the host where an Agent is deployed.


Names	Description	Technologies
`SEEKER_ACCESS_TOKEN` `seeker.access.token` Java `seeker.access_token` PHP	Access token configured in the server for Agent authentication. Type: `String`	All
`SEEKER_AGENT_CONNECTION_TIMEOUT` `seeker.agent.connection.timeout`	Number of seconds to block the application from starting when an Agent initiates a connection with the server for the first time. Type: `Integer` Default: `10`	Java, .NET Core, .NET Framework, Node.js, PHP
`SEEKER_AGENT_CUSTOM_TAGS` `seeker.agent.custom.tags` Java `seeker.agent_custom_tags` PHP	Automatically assigns the listed custom tags to each vulnerability detection made by the Agent. A comma-separated list of custom tags. It can be handy to identify environments where vulnerabilities are detected. For example: `env_qa,env_dev`.	Java, .NET Core, .NET Framework, Node.js, PHP
`SEEKER_AGENT_LOAD_DELAY_SEC` `seeker.agent.load.delay.sec`	By default, an Agent starts initializing simultaneously with an application, and might block the application from starting. You can avoid this by defining a number of seconds to delay the Agent load. Type: `Integer` Default: `0`	Java
`SEEKER_AGENT_NAME` `seeker.agent.name` Java `seeker.agent_name` PHP	Agent's friendly name that is displayed under Agent Status. Type: `String`	Java, .NET Core, .NET Framework, PHP
`SEEKER_AGENT_VALIDATE_SERVER_CERT` `seeker.agent.validate.server.cert`	Enables/disables the validation of server certificate by the Agent during connection. Type: `Boolean` Default: `false`.	Node.js
`SEEKER_DNC_INSTALL`	Location where the .NET Core Agent runtime files are installed. A valid local path. Not required as of release 2020.04.	.NET Core
`SEEKER_ENABLED` `seeker.enabled`	Enables or disables an Agent when used as an argument in a command line that starts an application. By default, an Agent is enabled. To control the state of Agent, set the value of the env variable or JVM property to `true` or `false`.	Java, .NET Core, .NET Framework, Node.js, PHP, Python
`SEEKER_LOG_BACKUPS`	Max number of previous Seeker log files to keep. Type: `Integer` Default: `10`	Node.js
`SEEKER_LOG_FILE_SIZE`	Max size of a Seeker log file (MB). Type: `Integer` Default: `20`	Node.js
`SEEKER_PROJECT_KEY` `seeker.project.key` Java `seeker.project_key` PHP	Project key to which an Agent should be bound. A valid project key that is configured in the server.	All
`SEEKER_COMPOSITE_PROJECT_KEY` `seeker.composite.project.key` Java	Composite project key used for the automatic creation of regular projects in a composite project. Must be a valid composite project key that is configured on the server.	All
`SEEKER_PURGE_LOGS_TIME`	Number of days to keep a previous log file. Type: `Integer` Default: `7`.	Node.js
`SEEKER_SERVER_URL` `serverUrl` .NET `seeker.server.url` Java `seeker.server_url` PHP	URL of the Seeker Enterprise Server. Type: A valid URL. Default: `https://localhost:8443`	Java, .NET Core, .NET Framework, Node.js, PHP
`SEEKER_UPDATE_AGENT` `seeker.update.agent` Java	Enables/disables auto update of an Agent. Type: `Boolean` Default: `true`	Java, .NET Core, .NET Framework

Advanced Agent Settings

This section lists the variables that define advanced Agent-related settings on the host where an Agent is deployed.


Name	Description	Technologies
`AGENT_CORE_PATH` `seeker.agent_core_path`	Path to the `seeker-agent-core.so` file. Mandatory. Defined during the PHP Agent installation in the following format: `<SEEKER_INSTALL_DIR>/seeker_php-<PHP version>-< ts if thread safety is enabled, or nts if it is disabled>/<OS>/seeker-agent-core.so` If not defined correctly, the Agent will not be loaded.	PHP
`SEEKER_ACTIVE_INSPECTION_AUTH_HEADERS` `seeker.active.inspection.auth.headers`	A comma-separated list of header names to be passed by Seeker as authentication credentials for Active Inspection. For example: `-Dseeker.active.inspection.auth.headers="X-MSTR-AuthToken,Cookie"`	Java .NET Core .NET Framework Node.js Python
`SEEKER_AGENT_CONSOLE_LOG_LEVEL`	If set, defines the Agent's logging level written in the console, overriding the project configuration. Type: `LogLevel` Possible values: TRACE, DEBUG, INFO, WARN, ERROR. Default: N/A	.NET Core .NET Framework Python
`SEEKER_AGENT_LOG_LEVEL` `seeker.agent.log.level` Java `seeker.log_level` PHP	If set, defines the Agent's logging level, overriding the project configuration. Type: `LogLevel` Possible values: TRACE, DEBUG, INFO, WARN, ERROR. Default: N/A	Java .NET Core .NET Framework Node.js PHP
`SEEKER_AGENT_OUTGOING_CALL_EXCLUSION` `seeker.agent.outgoing.call.exclusion` `seeker.agent.outgoing.call.exclusion` Java	When the Cross-Project Analysis or Data FLow Map feature is enabled, some outgoing requests, modified by the Seeker Agents, might fail. You can instruct the Agents not to modify outgoing requests for certain URLs by setting this variable to a regex pattern for URL exclusion, for example: `https://example\.com/v1/login https://example\.com/v1/login1\|https://example\.com/v1/login2 https://example\.com/v1/.*`	Java
`SEEKER_AGENT_PATH_SANITIZERS`	The sanitizer types to apply to path parameters constrained by regular expressions Type: A comma-delimited list of strings Default : `HTML, SQL, XML, FILEPATH, CMD, REGEX, LDAP, RFI_LFI, URL, NOSQL, LOG, CONN_STRING, EXPRESSION, HTTP_HEADER, HTTP_COOKIE, XPATH, PROTOTYPE`	Node.js
`SEEKER_AGENT_VALIDATE_SERVER_CERT` `seeker.agent.validate.server.cert`	Enables/disables the validation of custom trusted Seeker server certificate by the Agent upon connecting to the server. Type: `Boolean` Default: `false`	Java, Node.js
`SEEKER_ENABLED_LOOKUP_ENV_VAR_NAME` `SEEKER_ENABLED_LOOKUP_ENV_VAR_VALUE` `seeker.enabled.lookup.env.var.name` `seeker.enabled.lookup.env.var.value`	Instruct Seeker to use your own custom environment variable to determine whether to enable or disable a Seeker Agent. This minimizes changes to your existing scripts or configurations. For example, supply the name and value of this environment variable in a script that starts an application. export MY_DEPLOY_ENV=dev ... export JAVA_OPTS="$JAVA_OPTS \ -javaagent=/path/to/seeker-agent.jar \ -Dseeker.server.url=https://my-seeker-server \ -Dseeker.enabled.lookup.env.var.name=MY_DEPLOY_ENV \ -Dseeker.enabled.lookup.env.var.value=dev" Note: If the `SEEKER_ENABLED` or `seeker.enabled` variable is set, it takes priority over these ones.	Java
`SEEKER_FINDINGS_BULK_SIZE` `seeker.findings.bulk.size` Java `seeker.findings_bulk_size` PHP	Max number of detections pushed in a single WebSocket message from an Agent to the server. Type: `Integer` Default: `100`	Java, Node.js, PHP
`SEEKER_MAX_REQUEST_BODY_SIZE_MB` Java, .NET Core, .NET Framework, Go `seeker.max.request.body.size.mb` Java `seeker.max_request_body_size_mb` PHP	Maximum size (in MB) of the HTTP request body handled by Seeker. The rest of the body is ignored, which might affect the behavior of some checkers. Used to avoid memory overload. Type: `Integer >0` Default: `1`	Java, .NET Core, .NET Framework, Go, PHP
`SEEKER_MAX_RESPONSE_BODY_SIZE_MB` Java, .NET Core, .NET Framework, Go `seeker.max.response.body.size.mb` Java `seeker.max_response_body_size_mb` PHP	Maximum size (in MB) of the HTTP response body handled by Seeker. The rest of the body is ignored, which might affect the behavior of some checkers. Used to avoid memory overload. Type: `Integer >0` Default: `1`	Java, .NET Core, .NET Framework, Go, PHP
`SEEKER_PROXY_URL` `seeker.proxy.url` Java `seeker.proxy_url` PHP	Optional. If defined, the Agent will communicate with the server via the proxy at this URL. Type: A valid proxy URL	Java, PHP, .NET Core, .NET Framework, Node.js
`SEEKER_PROXY_USER` `SEEKER_PROXY_PASSWORD`	User name and password for proxy server authentication. Mandatory if the proxy server requires authentication. Type: String	.NET Core, .NET Framework
`SEEKER_REPLAY_DATA_CHANGING_REQUESTS` `seeker.activeverification.datachangingrequests`	Enables/disables Active Verification for data-changing requests. Type: `Boolean` Default: `true`	Java
`SEEKER_REPLAY_EMPTYPARAM` As of 2020.01, `seeker.activeverification.emptyparam`, previous name`seeker.continuousmode.emptyparam`.	Enables/disables Active Verification for empty parameters. Type: `Boolean` Default: `true`	Java, .NET Core, .NET Framework
`SEEKER_REPLAY_UNUSEDPARAM` As of 2020.01, `seeker.activeverification.unusedparam`, previous name `seeker.continuousmode.unusedparam`.	Enables/disables Active Verification for unused parameters. Type: `Boolean` Default: `true`	Java, .NET Core, .NET Framework
`SEEKER_SCA_COMPONENT_REANALYSIS_DELAY`	Defines the interval (days) after which Seeker should rerun SCA scans for 3rd party components. Type: `Integer` Default: `7`	All
`SEEKER_SCA_INCLUDE_APPSERVER_COMP` `seeker.sca.include.appserver.comp`	Toggles the inclusion of application server components in SCA. Type: `Boolean` Default: `true`	Java
`seeker.agent.stderr.embed`	Defines where to output STDERR messages. Type: `Boolean` Type: if `false` (default), output to the console. If true, output to the `seeker.err.log` file.	Java
`seeker.agent.stdout.embed`	Defines where to output STDOUT messages. Type: `Boolean`. If `false` (default), output to the console. If `true`, output to the `seeker.out.log` file.	Java
`seeker.cache.cleanup.interval.seconds`	Number of seconds to keep the in-memory cache of instrumented classes. The cache can speed up application startup. Type: `Integer` Default: `180`	Java
`seeker.continuousmode.disable`	Enables/disables the entire Active Verification feature. Type: `Boolean` Default: `false`	Java
`seeker.findings.queue.max.capacity` Java `seeker.findings_queue_max_capacity` PHP	Max number of detections stored in an Agent's memory. Type: `Integer` Default: `10000`	Java, PHP

Basic Location Settings

This section lists the variables that define basic location settings used by Seeker on the server and Agent machines.


Name	Description	Technologies
`SEEKER_HOME_DIR` `homeDir` .NET `seeker.home.dir` `seeker.home_dir` PHP	Seeker home directory that contains all the dynamic data and configuration files used by Seeker. Type: A valid local path. Default: Linux/Mac OS: ${HOME}/seeker/data/ Windows: C:\ProgramData\Seeker Security\inline\	Java, .NET Core, .NET Framework, Node.js, PHP
`SEEKER_TEMP_DIR` `tempDir` .NET `seeker.temp.dir`	Folder for temporary data. If not defined, the default folder will be used. Type: A valid local path Default: the system temp folder.	Java, .NET Core, .NET Framework, Node.js

Advanced Location Settings

This section lists the variables that define advanced location settings used by Seeker on the server and Agent hosts.


Name	Description	Technologies
`SEEKER_KEYMANAGER_PASSWORD` `seeker.keymanager.password`	Password for the key manager. Needed if its value is different from the keystore password.	Java, .NET Core, .NET Framework, Node.js
`SEEKER_KEYSTORE_PASSWORD` `seeker.keystore.password`	Password for the custom keystore that is used for mutual server-agent authentication.	Java, .NET Core, .NET Framework, Node.js
`SEEKER_KEYSTORE_PATH` `seeker.keystore.path`	Full path to the custom keystore file that is used for mutual server-agent authentication. Type: A valid local path.	Java, .NET Core, .NET Framework, Node.js
`SEEKER_SOURCE_CODE_ROOT_DIR`	By default, the source code root directory for rapid static analysis scans is automatically determined by Seeker. If you want to run scans from a different root directory, specify it in this variable.	Node.js

Advanced System Settings

This section lists the variables that define advanced system-wide settings on the Seeker server host.


Name	Description
`SEEKER_CUSTOMER_CODE_MAX_STACK_DEPTH`	Sets the number of stack frames between the customer code and the sink method that should be considered as direct calls. Type: `Integer` Default: `3`
`SEEKER_EXTERNAL_BTS_SCRIPT_COMMAND`	Used for the execution of custom scripts for creating issues in external bug tracking systems.
`SEEKER_FINDING_REOPENING_IGNORE_VERSION`	Defines whether or not to reopen previously fixed vulnerabilities regardless of application versions in which they were detected. Type: `Boolean` Default: `false`
`SEEKER_FINDING_TIMESTAMP_SERVER_OVERRIDE_ENABLED`	Defines whether the detection time of a vulnerability is set according to the system time of the Seeker server or Agent machines. Type: `Boolean` Default: `true`
`SEEKER_PURGE_VERSIONS_ENABLED`	Defines whether or not automatically delete all project versions preceding the predefined number of most recent versions. Applies to all projects. Type: `Boolean` Default: `false`
`SEEKER_PURGE_VERSIONS_COUNT`	Defines the number of recent project versions to keep, if `SEEKER_PURGE_VERSIONS_ENABLED` is `true`. Type: `Integer` Default: `0`
`SEEKER_SAML_MAX_AUTHN_REQUEST_AGE`	Defines the validity interval of user authentication with an IdP. Set this variable if your IdP supports a longer than default interval. Type: `Integer` Default:`7200`
`SEEKER_SCA_CLEANUP_AFTER_ANALYSIS`	Defines whether or not to clean up SCA results in the BDBA appliance after they have been received by Seeker. Type: `Boolean` Default: `true`
`SEEKER_SCA_MAX_FILE_SIZE`	Defines the maximum size in MB of a file that can be uploaded for SCA. Type: `Integer` Default:`1024`
`SEEKER_SSL_VERIFICATION_ENABLED`	Defines whether to enable certificate verification for LDAPS connection. Type: `Boolean` Default: `false`
`SEEKER_USER_LOCKOUT_DURATION`	The duration of user account lockout (in minutes) after the defined `SEEKER_USER_LOCKOUT_THRESHOLD` number of failed sign-in attempts is reached. Type: `Integer` Default: `10`
`SEEKER_USER_LOCKOUT_THRESHOLD`	The number of failed sign-in attempts after which a user account will be locked. Type: `Integer` Default: `5`

Agent Activity Depending on CPU and Memory Usage

This section lists the variables that control the Java Agent's activity in a shared environment depending on CPU and memory load threshold ranges.


Name	Description
`seeker.perf.memory.usage.suspend.active`	Indicates whether to suspend the Agent upon reaching a memory usage threshold. Type: `Boolean`
`seeker.perf.cpu.usage.suspend.active`	Indicates whether to suspend the Agent upon reaching a CPU usage threshold. Type: `Boolean` Default: `false`
`seeker.perf.cpu.threshold.suspend`	CPU usage threshold on which to suspend the Agent. Type: `Integer 0-100` Default: `90`
`seeker.perf.memory.threshold.suspend`	Memory usage threshold on which to suspend the Agent. Type: `Integer 0-100` Default: `90`
`seeker.perf.cpu.threshold.resume`	CPU usage threshold on which to resume the Agent. Should be lower than `seeker.perf.cpu.threshold.suspend`. Type: `Integer 0-100` Default: `70`
`seeker.perf.memory.threshold.resume`	Memory usage threshold on which to resume the Agent. Should be lower than `seeker.perf.memory.threshold.suspend`. Type: `Integer 0-100` Default: `70`
`seeker.perf.cpu.sampling.interval`	CPU usage sampling interval (seconds). Type: `Integer >0` Default: `10`
`seeker.perf.memory.sampling.interval`	Memory usage sampling interval (seconds). Type: `Integer >0` Default: `10`
`seeker.perf.cpu.sampling.beforeresume.number`	Number of CPU usage samplings below the threshold before resuming the Agent. Type: `Integer >0` Default: `3`
`seeker.perf.memory.sampling.beforeresume.number`	Number of memory usage samplings below the threshold before resuming the Agent. Type: `Integer >0` Default: `3`

Health Check Thresholds

This section lists the variables that control the thresholds for the GET /api/{ver}/healthcheck API. You can customize them for your environment.


Name	Description
`SEEKER_HEALTH_CHECK_JOB_CRON`	A cron expression scheduling health checks of the Seeker database, memory, and disk space. Default: `0 * * ? * *`, or 1 min
`SEEKER_HEALTH_CHECK_SERVER_CONNECTION_JOB_CRON`	A cron expression specifying the schedule on which the Sensor, an internal Seeker component responsible for managing connections with Agents, sends alive messages to the server. Default: `30 * * ? * *`, or 1 min
`SEEKER_HEALTH_CHECK_MAX_SENSOR_CONNECTION_AGE`	Specifies the maximum age of Sensor alive message in milliseconds. If more time has passed between the latest message received from the Sensor and the time of check, the `FAIL` status is returned for the `Sensor` item. Default: `70000`
`SEEKER_HEALTH_CHECK_MIN_FREE_DISK_SPACE`	Free disk space threshold in MB. If the free disk space is less than this value, the `FAIL` status is returned for the `Free Disk Space` item. Default: `2048`
`SEEKER_HEALTH_CHECK_MIN_FREE_MEMORY`	Free memory threshold in MB. If the free memory is less than this value, the `FAIL` status is returned for the `Free Memory` item. Default: `512`

Secrets Manager Configuration

By default, the Seeker database password is stored in a file on the Seeker server. If you want to store this password in a third-party secrets manager, and enable Seeker to retrieve the password on start, configure the following environment variables.

Currently Seeker supports AWS Secrets Manager.


Name	Description
`SEEKER_SECRET_MANAGER_ENABLED`	Enables/disables the retrieval of Seeker data stored in a secrets manager. Type: `Boolean` Default: `false`
`SEEKER_SECRET_MANAGER_DB_PASSWORD_ENABLED`	Enables/disables the retrieval of Seeker database password from a secrets manager. Type: `Boolean` Default: `false`
`SEEKER_SECRET_MANAGER_AWS_ACCESS_KEY_ID` `SEEKER_SECRET_MANAGER_AWS_SECRET_ACCESS_KEY`	Your user credentials for AWS Secrets Manager: access key ID and value. Required to enable Seeker to call the AWS Secrets Manager APIs. Type: `String`
`SEEKER_SECRET_MANAGER_AWS_REGION_CODE`	Your AWS region code. Optional, but recommended. Type: `String` Default: `us-east-1`
`SEEKER_SECRET_MANAGER_AWS_DB_PASSWORD_SECRET_ID`	The ID of the secret in which the password is stored. Type: `String`
`SEEKER_SECRET_MANAGER_AWS_DB_PASSWORD_SECRET_KEY`	The key of the password in the secret. Type: `String`

Environmental Variables to Use in Custom Scripts

A list of Seeker environmental variables that you can use in custom scripts for creating and updating issues in external bug tracking systems.


Name	Description	Example
`SEEKER_PROJECT_KEY`	The vulnerability project key	`DEFAULT`
`SEEKER_PROJECT_NAME`	The vulnerability project name	`Default project`
`SEEKER_TICKET_CREATOR`	The Seeker user who initiated the ticket creation
`SEEKER_TICKET_DESCRIPTION`	The default ticket description
`SEEKER_TICKET_SUMMARY`	The default ticket summary	`Seeker [DEFAULT-22] - SQL Injection`
`SEEKER_TICKET_URL`	The vulnerability ticket URL
`SEEKER_VULNERABILITY_CHECKER`	The vulnerability checker key	`SQLI`
`SEEKER_VULNERABILITY_CODE`	The vulnerability code location
`SEEKER_VULNERABILITY_CODE_LINE`	The vulnerability code line
`SEEKER_VULNERABILITY_DESCRIPTION`	The vulnerability checker description
`SEEKER_VULNERABILITY_DETECTION_COUNT`	The detection count of the vulnerability
`SEEKER_VULNERABILITY_FIRST_DETECTION_TSTAMP`	The initial timestamp of the vulnerability
`SEEKER_VULNERABILITY_KEY`	The vulnerability identifier	`DEFAULT-22`
`SEEKER_VULNERABILITY_LATEST_DETECTION_TSTAMP`	The latest detection timestamp of the vulnerability
`SEEKER_VULNERABILITY_LATEST_VERSION`	The latest version in which the vulnerability was detected
`SEEKER_VULNERABILITY_NAME`	The vulnerability checker name	`SQL Injection`
`SEEKER_VULNERABILITY_OWNER`	The vulnerability owner name in Seeker	`administrator`
`SEEKER_VULNERABILITY_REMEDIATION`	The vulnerability checker remediation
`SEEKER_VULNERABILITY_REQUEST`	The vulnerability relative request path
`SEEKER_VULNERABILITY_REQUEST_HEADERS`	The vulnerability request parameters
`SEEKER_VULNERABILITY_REQUEST_PARAMS`	The vulnerability request headers
`SEEKER_VULNERABILITY_SEEKER_URL`	The URL to the vulnerability in Seeker
`SEEKER_VULNERABILITY_SEVERITY`	The vulnerability severity	`CRITICAL`
`SEEKER_VULNERABILITY_SOURCE_NAME`	The vulnerability source name	`id`
`SEEKER_VULNERABILITY_SOURCE_TYPE`	The vulnerability source type	`HTTP_PARAMETER`
`SEEKER_VULNERABILITY_STACK_TRACE`	The vulnerability stack trace
`SEEKER_VULNERABILITY_SUMMARY`	The vulnerability checker summary
`SEEKER_VULNERABILITY_TAGS`	The vulnerability custom tags	`one,two,three`
`SEEKER_VULNERABILITY_TRACKED`	A Boolean indicating whether the vulnerability is already tracked	`true`
`SEEKER_VULNERABILITY_VERIFICATION`	The vulnerability verification tag	`VERIFIED`

.NET Agent Profiler Chaining Settings

You can enable a Seeker .NET Agent to monitor an application concurrently with another profiler for .NET, such as an application performance monitoring (APM) tool, running on the same machine.

If an Agent is installed in an environment other than IIS, you can do this by settng environment variables as follows.

For example, you already have a certain .NET profiler monitoring your application. The CLR (Common Language Runtime) variables hold its GUID and path to the DLL to load into the application:

COR_PROFILER={78E8FB7B-E370-4678-8B4F-43B107E67D5A}
COR_PROFILER_PATH_32=C:\Program Files\MyProfiler\myprofiler.dll

To enable a Seeker Agent to run concurrently with this profiler, copy these GUID and path values to the corresponding Seeker variables, and set the CLR variables to the values for the Seeker Agent.

For example:

SEEKER_DN_PROFILER_CHAINING={78E8FB7B-E370-4678-8B4F-43B107E67D5A}
SEEKER_DN_PROFILER_PATH_32_CHAINING=C:\Program Files\MyProfiler\myprofiler.dll

COR_PROFILER={17691574-689D-4366-BEAF-ED00B8618013}
COR_PROFILER_PATH_32=D:\Agent_install_dir\x86\Agent.Profiler.dll

The following tables map between the CLR and Seeker variables.

For .NET Core:


CLR variable	Seeker variable	Description
`CORECLR_PROFILER`	`SEEKER_DN_CORE_PROFILER_CHAINING`	Profiler GUID.
`CORECLR_PROFILER_PATH_32` `CORECLR_PROFILER_PATH_64`	`SEEKER_DN_CORE_PROFILER_PATH_32_CHAINING` `SEEKER_DN_CORE_PROFILER_PATH_64_CHAINING`	Path to a profiler DLL for 32- or 64-bit applications.

For .NET Framework:


CLR variable	Seeker variable	Description
`COR_PROFILER`	`SEEKER_DN_PROFILER_CHAINING`	Profiler GUID.
`COR_PROFILER_PATH_32` `COR_PROFILER_PATH_64`	`SEEKER_DN_PROFILER_PATH_32_CHAINING` `SEEKER_DN_PROFILER_PATH_64_CHAINING`	Path to a profiler DLL for 32- or 64-bit applications.

API specifications

A list of environmental variables that you can use to supply OpenAPI and GraphQL APIs for scanning.

Seeker automatically detects and scans OpenAPI specifications from tested applications, if they are exposed by the known supported frameworks. In addition, you can explicitly supply for scanning your OpenAPI or GraphQL specifications that are exposed by unknown or unsupported frameworks by defining the variables listed below.

Note:

Supplied OpenAPI specification files should be in JSON format. Both OpenAPI versions 2 and 3 are supported.

This feature is currently supported by the Java, .NET Core, .NET Framework, and Node.js Agents.


Name	Description
`SEEKER_AGENT_APP_GRAPHQL_URL`	Base URL from which a GraphQL API is served.
`SEEKER_AGENT_APP_GRAPHQL_SCHEMA_FILE`	Full path to an application's GraphQL schema file on the application server. If you want to enable Active Inspection of the GraphQL API endpoints when their introspection is disabled, specify this variable along with `SEEKER_AGENT_APP_GRAPHQL_URL`. Currently supported by the Java, .NET Core, and Node.js Agents.
`SEEKER_AGENT_APP_OPENAPI_SPEC_FILE`	Full path to an application's OpenAPI specification file on the application server. Multiple files should be comma-separated without spaces. For example: /path/to/swagger1.json,/path/to/swagger2.json
`SEEKER_AGENT_APP_OPENAPI_SPEC_URL`	Alternatively, provide full URL of the application's OpenAPI specification file. Multiple URLs should be comma-separated without spaces. Note: This variable takes precedence over `SEEKER_AGENT_APP_OPENAPI_SPEC_FILE`, if both are supplied.
`SEEKER_AGENT_APP_OPENAPI_URL`	Base URL from which the API is served, as defined in the specification. Multiple URLs should be comma-separated without spaces, and listed in the same order as in `SEEKER_AGENT_APP_OPENAPI_SPEC_FILE`. For example: http://localhost/api1,http://localhost/api2 If the supplied value is relative, it is appended to the application's root URL. Default: The application's root URL.