Options

Key	Type	Description
hdiv.console.level	Custom	Define the logging level the following options are available SEVERE (default) WARNING INFO FINE FINER FINEST
hdiv.file.level	Custom	Define the logging level the following options are available SEVERE WARNING INFO (default) FINE FINER FINEST
hdiv.log.append	Boolean	Define whether agent traces should be appended during startup or not, by default false
hdiv.config.dir	String	Path to the config dir where the license is present
hdiv.console.url	String	Defines de URL of the Web Console, by default http://localhost:8089/hdiv-console-services
hdiv.console.token	String	Authentication token for the environment in the Web Console
hdiv.server.name	String	The name that will identify this server in the Web Console
hdiv.console.validate.certificate	Boolean	Whether the Web Console certificate should be verified when using https or not, by default true
hdiv.toolbar.enabled	Boolean	Whether Hdiv toolbar should be shown or not, when the agent is not configured to communicate with a Web Console it will be always displayed, otherwise by default is false
hdiv.toolbar.enabled.on.demand	Boolean	With this parameter Hdiv toolbar could be manually activated in runtime but it is not displayed otherwise, by default false
hdiv.toolbar.disabled.patterns	List	A comma separated list, including regular expressions to avoid the toolbar in URLs matching those
hdiv.trace.queries	Boolean	Flag to indicate that SQL Queries will be displayed in Hdiv Toolbar, by default true
hdiv.validation.info	Boolean	Flag to allow validation info to be displayed on the toolbar when using Hdiv Library Protection, by default true
hdiv.toolbar.delete.location.change	Boolean	In some SPA vulnerabilities will not be emptied in the toolbar, they can be manually cleaned with the button in the toolbar or otherwise use this option (but it may have issues depending on the browser used), by default false
hdiv.toolbar.xhr.header	Boolean	By default Hdiv toolbar includes (if not present) X-Requested-With header in AJAX calls to identify them, by default true
hdiv.toolbar.only.in.html.responses	Boolean	By default Hdiv toolbar is included only in HTML responses, however this check can be disabled, by default true
hdiv.workingMode	Custom	Defines the working mode for the agent, this usually implies a balance between detection features and performance, the following options are available: FULL_DETECTION: Full features at a performance cost NORMAL: Default balanced value, it could be a valid option in production PRODUCTION: Option for best performance
hdiv.artifact.detection.additional.disabled	Boolean	Flag to indicate if additional artifacts (OS, DB & JVM) should be disabled or not, by default false
hdiv.all.threats.time.period	Number	Time period for all agent communication tasks (in seconds)
hdiv.metrics.task.time.period	Number	Time period for metrics task (in seconds), by default 5
hdiv.security.threads.task.time.period	Number	Time period for security threads task (in seconds), by default 5
hdiv.excluded.stacks	List	A comma separated list, including packages that should be avoided in vulnerability stacks
hdiv.single.app	Boolean	A flag to indicate that a single application will be running in the server, it may be required when it is deployed on root context path, default is false
hdiv.root.app.name	String	Mandatory name for application deployed on root context path
hdiv.mandatory.app.name	String	Mandatory name for any application deployed on this server. If more that one application is deployed, it is possible to define a mapping like the following app_1:First;app_2:Second
hdiv.async.taint.tracking	Boolean	A flag to that vulnerabilities should be tracked in asynchronous threads, it could be enabled at a cost in performance, by default false
hdiv.dependency.delay	Number	The delay to process vulnerable libraries after startup in milliseconds, by default 600000, (ten minutes)