Detection Reports
Reference guide for ArmorClaw detection report structure — check results, platform identification, and host details.
Overview
When ArmorClaw runs a discovery scan, it produces a detection report for each host. This page describes the structure and fields of these reports.
Report Structure
Each detection report contains:
| Field | Description |
|---|---|
| Host | The hostname or IP address scanned |
| Platform | Detected operating system and architecture |
| Install Path | Where ArmorClaw was found (e.g., /opt/armorclaw) |
| Distribution | The ArmorClaw distribution type |
| Version | Installed ArmorClaw version |
| Check Result | Whether ArmorClaw was found |
Check Results
| Result | Description |
|---|---|
| Found | ArmorClaw installation detected at the specified path |
| Clean | No ArmorClaw installation found on this host |
Platform Identification
The report includes OS and platform details:
| Field | Description |
|---|---|
| OS | Operating system (e.g., Linux, macOS) |
| Architecture | CPU architecture (e.g., x86_64, arm64) |
| Kernel Version | Kernel version string |
Using Reports
Detection reports feed into the Installations table. Hosts where ArmorClaw is found are added as tracked installations. Hosts that are clean are not added but are recorded in the scan history.
Detection reports are generated by the ArmorClaw discovery script. Run curl -fsSL https://armoriq.ai/install/armorclaw-discovery.sh | bash -s -- --inventory on target hosts to produce reports.