Skip to content

Data Acquisition

Various options are available for data acquisition. In addition to the classic agentless acquisition, agents can also be used to acquire the data of the various device types. However, agentless scanning is particularly suitable for gaining an initial overview of the network.

When you start LOGINventory for the first time, a wizard appears to help you with the agentless initial entry once you click the Remote Scanner node. You can define in which IP address range devices should be searched, whether the Active Directory and Microsoft Exchange should be read, and whether vSphere devices should be recorded.

In addition, administrative Windows credentials, SNMP communities and an SSH login can be stored.


The entered passwords are always stored encrypted with the Microsoft Crypt API and cannot be read without authorization.

Afterwards, of course, further definitions and accounts can be stored.


The technical details contain a detailed description of the prerequisites for entry.

Agentless Scanning

To scan agentless with LOGINventory, you have to select what should be inventoried (definitions) and how it can be accessed (accounts). These definitions can then be combined into jobs and executed automatically by task scheduling. The Job Monitor always shows the progress of the currently running scans and the results of past scans.


The accounts can also be assigned to the definitions via drag & drop, just as the definitions can be assigned to the jobs via drag & drop.


Basically, accounts can be divided into the following types:

  • Generic Credentials (with username, password and domain): Administrative accounts to query Windows, Active Directory, Exchange, vSphere, XenApp, XenServer, SQL Server & Office365
  • SSH Credentials (for Linux and Mac) with login and password or login, key file and optional password phrase
  • SNMP Communities (read only): In order to inventory SNMP v1/v2c devices, such as network printers, switches, routers, etc.
  • SNMP v3 Credentials (with correspondig parameters): In order to inventory SNMP v3 devices with Security Name (e.g. "v3user"), Security Level (e.g. "authNoPriv"), Auth Protocol (e.g. "MD5), Auth Key (e.g. "v3password"), Priv Protocol (e.g. "AES") and Priv Key (e.g. "privPassword")


An unlimited number of accounts can be created, which can be assigned to individual definitions. Thus, different passwords or accounts can be tested one after the other within a definition until a device has been successfully scanned. You can also set the order of accounts using the arrow icons on the right.

Scan Definitions

The definitions describe individual scan areas that can be combined into jobs. Each definition requires a type, a unique name, and optionally a description. The definitions can be divided into the following types:

  • Asset inventory: Inventories Windows, Hyper-V, SNMP (switches, network printers) and SSH devices (Linux, Solaris, MacOS, ...).
  • Exclusion from Inventory: Excludes elements from inventory (used in jobs together with other definitions).
  • Active Directory Attribute Lookup: Reads user, group and computer properties from Active Directory.
  • MS Exchange Inventory: Inventories a complete Exchange organization including mailbox information and mobile devices.
  • VMware vSphere Inventory: Inventories VMware ESXi servers and their existing VMs.
  • XenApp inventory: Inventory of applications published on Citrix XenApp.
  • XenServer inventory: Inventory Citrix XenServer and its existing virtual machines.
  • SQL Server Inventory: Inventories Microsoft SQL Server instances, their databases and user rights
  • Microsoft 365 Subscriptions: Finds out online which products are licensed from Microsoft 365 and which users consume which licenses.

For all definition types, the general setting options are summarized under General, such as

  • Number of parallel scans (select lower for slow network connection!)
  • Maximum runtime for a single scan
  • maximum response time for the PING to a device
  • Additional command line parameters

The following always applies here: If the corresponding fields are empty, the default value is used.


The tab Accounts must always be used to select which accounts from the pool of all accounts are to be used.

  • For each device, all selected accounts are used one after the other (from top to bottom) until a scan is successful.
  • You can use the arrow buttons to change the order of the accounts within the types.
  • The credential types are processed in the following fixed order:

    1. Generic Credentials
    2. SSH Credentials
    3. SNMP v3 credentials
    4. SNMP Community
  • At the top of the list should be those accounts that are valid for most devices in this definition.


If a definition has been created and at least one user account has been selected, the inventory can be started manually. The progress is displayed in the Job Monitor. The evaluation then takes place in the "Asset Management" node.

Asset Inventory

For the definition type Asset Inventory, the Source specifies the scan area. There are the following types of scan areas:

  • IP v4 Address Range (e.g. -
  • IP v4 Subnet (CIDR) (e.g.
  • File List (Text file with names or IP addresses of the assets)
  • List of elements
  • Active Directory: You can scan the devices that have entries in the AD.


The ping interval is adjusted dynamically and should only be changed manually in exceptional cases, e.g. if you scan one or more very large areas and are not satisfied with the duration of the ping phase. Too much reduction of the interval can lead to irregularities in the detection of devices.


If the Active Directory is specified as the source during the asset inventory, the AD itself is not recorded, but rather the computers present there and currently switched on. This means that switches or computers that are not in the AD are not detected.

Under Advanced the data acquisition can be adjusted. For example, you can set whether Share-ACLs (shared folders), drivers, fonts, etc. should be captured. These settings can also influence the duration of the inventory.

Under Asset Properties you can specify special, freely definable properties for this definition (see Custom Properties). Use the Asset Properties to define values that should be assigned to all successfully inventoried assets of a definition! If, for example, your IP address ranges are already divided by location, you could assign the respective location as an asset property and then use this assignment in queries as well.

Under Find Files you can specify search paths to search for specific files on the Windows devices to be scanned. A path can be specified using wildcards (*) and it can be determined whether the search should be recursive (i.e. also in all subfolders). For example, all files in the temp folder can be found by searching for C:\Temp\*.*.


Use recursive search with wildcards with caution. So a recursive search of the path C:\*.* should not be triggered, because otherwise the entire hard disk including all files is listed, which can lead to extremely long execution times and very large amounts of data. Instead use the search with as narrow restrictions as possible, for example to search a certain .exe in a certain directory (search path: C:\Program Files\Company\my.exe)!

Exclusion from Inventory

It is possible to exclude certain devices from a scan scope by running a definitions Exclude from Inventory along with another definition. To do this, they can either be started together using multi-selection or combined in a job.


If "List of elements" is selected as the source, wildcards can also be used to exclude devices. For example, "win*" or "192.168.20*.15" are valid values. The Job Monitor then shows the filter condition on the basis of which the devices are not recorded.

Active Directory accounts and groups


This inventory type is used to read additional properties for users or computers from Active Directory. The Active Directory definition does not inventory Assets or Users, but complements existing Asset or User data.

If the option Anonymize user name in the Settings is activated, the user data cannot be supplemented with Active Directory information, because an assignment is then not possible!

The source defines which entries are to be read from the AD. The fully qualified domain name can be specified here in the root directory. A subdirectory can be selected via the Active Directory Browser to restrict the search.


The command line argument /ignoregroups group1;group2 can be used to exclude user groups from the AD. This can be desirable, for example, if you only want to enter part of your entire organization.

Via Advanced selected AD attributes can be read and entered in LOGINventory attributes. The name of the value from the AD must be entered and assigned to a custom value in LOGINventory.

You can also specify that group memberships are resolved recursively, if a group is contained in another group. This behavior can also be enabled via the command line argument /recursivegroups.

Microsoft Exchange Inventory

With Microsoft Exchange Inventory, information about the entire Exchange organization (2010 and later) including servers, DAGs, databases, mailboxes, and mobile devices can be remotely scanned from a Microsoft Exchange Server. If different Exchange Server versions are in use, the one with the latest version should be used. You can also specify a Cloud Server as source, e.g.: The specified user account must have sufficient rights in the Exchange organization, e.g. member of the group "Exchange View-Only Administrators".


By default, all mobile devices connected via Exchange Active Sync (EAS) are also recorded and created as assets in LOGINventory via the Exchange Inventory. This behavior can be suppressed by checking No mobile devices (EAS) in Advanced.

To prevent all Exchange servers from being captured, but only selected ones, a server filter can be set under Advanced. For example, by entering Serv* in the Server filter, only Exchange servers whose name begins with "Serv" will be included.

VMware vSphere Inventory

With VMware vSphere Inventory, ESXi and vCenter Server can be captured directly without the need for additional configuration steps.

As source select the type "list of elements" and add your ESXi Server, your vCenter Server or cluster as element (Full Qualified Domain Name (e.g. or the IP address). The user account must have the required administrative rights (at least read-only admin) on the VMware servers.

XenApp Inventory

The applications published on Citrix XenApp servers and their access rights settings are recorded via the XenApp Inventory. No further prerequisites need to be fulfilled on the LOGINventory computer. When creating the corresponding definition, only one server from each XenApp server farm has to be inventoried. The name of this server must be entered in the appropriate field. When the drop-down list is opened, the members of the XenApp Servers group are displayed for selection.

XenServer Inventory

With XenServer Inventory, the individual XenServers to be captured can be added to Source via the Full Qualified Domain Name or via the IP address. The user account used must have administrator rights on the XenServer.

SQL Server Inventory

SQL Server Inventory can be used to record individual servers by name or IP, or to define IP ranges to search for SQL Server installations. If possible, the user account used should have administrator rights on the database server; however, it can also be scanned with the user "sa" and the corresponding password (Generic Credentials).


For the acquisition of databases outside the own subnet using SQL server authentication (e.g. user "sa"), it may be necessary to assign Windows credentials as well as the SQL server user as accounts in the definition. (The instances are found via the Windows user, the SQL server user can enter them.)

Microsoft 365 Subscriptions

With Microsoft 365 Subscriptions you can read online which subscriptions (e.g. Office365, Microsoft Intune, Power BI Pro, etc.) have been contracted and to which users which licenses have been assigned. This data can be evaluated in license management.

The following prerequisites must be fulfilled in order to make it possible to read Microsoft 365 data:

  1. An Internet connection must exist.
  2. The required Powershell module must be available.
    This module is installed by entering the command Install-Module -Name AzureAD in an administrative Powershell on the scan server (the computer on which LOGINventory is installed from which the data query is to be made).
    If necessary, the NuGet provider must first be installed via Powershell so that the module AzureAD can be installed. This will be indicated by Powershell if the above command is executed.
  3. A user account of the type Generic Credentials must be assigned as user account for the acquisition, whereby the user name is specified as UPN, e.g. This user must also be authorized to read the data from Microsoft 365, e.g. all users who have been assigned a Microsoft 365 license.

Like any other definition, the reading of Microsoft 365 data can be automated by jobs. The data is then available under the "Software" node in the corresponding queries. These cloud subscriptions can also be added to the license management.


Jobs allow you to create combinations of scan definitions to optimally scan your network or sub-areas.

  • If several scan definitions are to be scanned simultaneously, this task can be combined in one job. Thus the individual definitions do not always have to be selected.
  • If you do not want certain assets in a scan area to be scanned, you can specify them by defining an exclusion inventory. If this definition is combined with inventory definitions, the excluded assets are not scanned.
  • Scan definitions can be used in multiple jobs.


You can use a schedule to specify when jobs are run automatically to scan the network regularly.


Each job can also be executed several times a day with several schedules.


We recommend scanning the network several times a day, preferably at times when your users are actually using the computers. The more frequently you scan, the more fine-grained the change history will be.

Job Monitor

As soon as a job has been started (or a definition has been started), the progress of the inventory can be monitored via the Job Monitor. In the upper result list, all jobs that have run so far and those that are currently running are listed. If one of the listed definitions is selected, the status of the entry of this definition is listed in the lower result list. For the current inventory the course can also be observed here. For completed asset scans, the display shows, among other things:

  • The status ("Finished", "Executing", "Queued" or "None")
  • The result is "Ok," "Error," or "None."
  • Information on start time and running time

In many network configurations, not all devices can be successfully captured with the first scans. If errors occur during acquisition, you should first check which type of device is behind the IP address that has not been successfully inventoried. For example, if it is an IP phone that does not have a remote interface, the device can be manually entered into the database. It may also be necessary to deposit additional accounts with the necessary rights, adapt the firewall configuration, or enable remote protocols on the devices.


In the Job Monitor, you can call SSH Troubleshooting from the ribbon menu. With this tool different settings like port, username, password etc. can be tested. The textual output then shows which problems occur when establishing a connection or when querying the Linux devices.

Logon Script Acquisition

Windows computers can be inventoried by calling LOGINfo.exe. This call can be positioned in the logon script so that computers scan themselves automatically when the user logs on.


The great advantage of this method is that data can also be captured without administrative rights and with an existing firewall, since the scan is executed locally and in the user context.


In order to set up the recording by means of logon script, different steps are necessary. As described in Data processing, .inv files are created when computers are acquired. These files must be stored in the central data directory, which is monitored by the LOGINventory Data Service. This service then enters the data into the database.

The program LOGINfo.exe, which is located in the data directory, is called to scan a computer. The program LogInfoL.exe is also located there and can be used for inventorying old systems such as NT4, ME or Windows 2000. You can also open the data directory via the task bar by selecting the service LOGINventory Data Service and displaying New inventory files.

The Data Directory Location can be adjusted in the settings. Here you can also share the directory, which is necessary for the inventory via logon script. By default, the share name Li8Data is used. If you share the directory via this dialog, the following rights are set in the file system: Authenticated users: Full; Local service: Modify.

This allows all users and computers within the domain to access the directory and to execute LOGInfo.exe. An automation of this call is reasonable and can be configured via the logon script.


The following call can be included in the logon script, for example, which does not display any output data:

 START /B \\server\LI8DATA\LOGINfo.exe

If the scan is only to be executed for locally logged in users, the following command can be used:

 If "%SESSIONNAME%"=="Console" START /B \\server\LI8DATA\LOGINfo.exe

Instead of "server" the name of the corresponding server has to be entered here. In addition, further parameters can also be passed when calling LOGINfo.exe, these are described in detail below; however, this is not necessary.

How a call of this kind is integrated into the logon script is described in detail by Microsoft. There are two variants:

Now the respective computer is automatically inventoried when a user is logging on. In the query "Last Inventory Overview" you can check which inventory method was used and when the inventory took place by checking the columns LastInventory.Agent and LastInventory.Timestamp.


If the entry for Agent ends with "(LOCAL)", the inventory was executed in the user context or by the computer, i.e. by calling LOGINfo.exe in the data directory.


The behaviour of LOGINfo.exe can be adjusted by parameters. If a switch name is specified, this has priority over an entry in the LOGINfo.script file.

LOGINfo.exe [!IpAddress] [DataDir] [/parameter1] [/parameter2] ...

LOGINfo.exe Command line parameters
/? Outputs information on how to use the parameters
!IP address Remote Scan Address; Default: own computer
Target directory The result file is saved in 'Target directory'. Default: current directory.
/NOWMI Do not use WMI on Windows computers.
/DEBUG Use only on instructions from LOGIN support team
//'Switch name' n Changes the value of a switch with the value 'n' (see Switches)
/PINGLEN number Number of bytes in ping (default: 32)
/PINGTIMEOUT wait time Ping wait time in ms (default: 2000 ms)
/NOWIN Do not use Windows APIs
/NOSNMP Do not use SNMP
/NOSSH Do not use SSH
/USESNMPFALLBACK Use SNMP even if no response to ping occurs
/SNMPPORT port Use SNMP UDP 'port' (default:161)
/SNMPCOMMUNITY community Use SNMP v1 Read-Community (standard: 'public')
/USER Username Password Windows Access Data
/NETSNMP Use Net-SNMP instead of Microsoft SNMP
/NETSNMPCONF Use default Net-SNMP configuration file
/SNMPUSER user SNMP v3 User; security level=noAuth
/SNMPAUTH md5 | sha pass SNMP v3 Password; security level=authNoPriv
/SNMPPRIVACY des | aes pass SNMP v3 Passphrase security level=authPriv
/FindFiles "path" Triggers the File Search. e.g. "/FindFiles "C:\Temp*.*"
/FindFilesRec "path" Triggers the [recursive file search] (#asset inventory). Both search parameters can be used several times if you want to search at several locations.

Windows Offline Agent for Capturing Computers Outside the LAN

The LOGINventory Offline Agent can be used on Windows computers that are rarely or never in the LAN, but still need to be inventoried. Since only devices that are available in the network can be recorded with the acquisition methods presented so far, an additional recording variant is necessary, for example to regularly inventory laptops of field staff. LOGINventory provides the Windows Offline Agent for this purpose. The LOGINventory Offline Agent ensures that the corresponding computers automatically record themselves, buffer this data locally and send the buffered data independently to the LOGINventory computer if there is a network connection.


The publication of the offline agent can be started via the ribbon menu Extras.

First, a directory must be selected in which the corresponding files are to be stored. The configuration data is made available together with the MSI setups in an administrative installation point (AIP) - a directory from which the administrative installation can be executed.

Then for the different firewall profiles Public, Private and Work a URL and login data can be stored, with which the data can be transferred.

Please note the following:

  • The URLs set for Public and Private must be accessible from the client (e.g. Internet); this can be done using a port forwarder, reverse proxy or DMZ server.
  • If a port forwarder is configured to the LOGINventory computer, the LOGINventory web interface and a certificate for https must be installed here.
  • Data reception is also possible via ASPX or PHP. The button Upload Script Templates can be used for this purpose. These script files can be adapted if necessary.

If the web server to be addressed by the offline agents is also the local LOGINventory computer including the published web interface, no further configuration steps are necessary. A special version of the file OfflineAgent.aspx for receiving the data is already available here, which automatically stores the data in the currently configured data directory of the server.

If another web server is to be used, the following prerequisites apply:

  • IIS version 7.0 or higher and ASP.NET 4.5 or higher
  • OfflineAgent.aspx (You get this file by clicking on Create Upload Script Templates)


  • Apache version 2.4 or higher
  • PHP version 5 or higher
  • OfflineAgent.php (You get this file by clicking on Create Upload Script Templates)

The following configuration steps are then necessary on the other web server:

  1. start IIS-Manager
  2. in the default web site, add an "application" according to the path you defined before, e.g. "OA8", which points to the physical directory where the file OfflineAgent.aspx will be stored.
  3. below it a "Add virtual directory" named "Selfupdate", which points to a physical directory where the file is stored.

The .inv files received by the Offline Agent are now stored in the following directory by default: %Public%\Documents\LOGIN\LOGINventory 8\Data

By editing the OfflineAgent.aspx file, you can change the local location according to your needs. For security reasons, this should not be the directory where OfflineAgent.aspx is located. The .inv files received on the other web server must finally be copied to the data directory for processing by the Data Service on the LOGINventory computer, e.g. by Robocopy.exe.

The selected folder contains several files, all of which are required for installation, including the corresponding MSI packages for 32-bit and 64-bit systems:

For the installation, the appropriate package must be started directly from the AIP. In the configuration itself, you can set how the data transfer is to take place for each firewall profile.

Mode of Operation

If the offline agent is installed on one computer, two "scheduled tasks" for inventory are executed every day using LOGINfo.exe, namely:

  • at 10 am in the user context of a logged in user
  • at 10 pm in the system context, even if no user is logged on.

If the computer is switched off at these times, the scans will be made within a maximum of 24 hours. If the service Offline Agent finds new inventory files (*.inv) in the local data directory and a network connection exists, an attempt is made shortly afterwards to transfer these files to the URL defined in the configuration - matching the current firewall profile - and then to perform a SelfUpdate. The SelfUpdate ensures that the Offline Agent and the .script files are updated to the latest version. To do this, they must be packed on the server in an archive and stored in the script subdirectory of the data directory.

The button Create for Selfupdate will do this automatically. If you are using a different web server, you must also copy this file manually to this server. These files are then automatically updated by the Offline Agent during the next connection, but at most once a day.

If everything is set up correctly, the corresponding devices take an inventory twice a day and then sends the data to the LOGINventory data directory. In the Assets list in the LastInventory.Agent column, you can see which recording method was used to last inventory the device (here: "Local") and also check the time using the LastInventory.Timestamp.

A daily protocol of the communication with the central LOGINventory server is located in the directory %ProgramData%\LOGIN\LOGINventory\8.0\Logs.

Linux Offline Agent

With the Linux Offline Agent, Linux machines can inventory themselves and transfer the data independently to the LOGINventory server. Different package types for the respective Linux derivatives are delivered in the program directory in the subfolder LoginfoXScripts (by default C:\Program Files\LOGIN\LOGINventory8\LoginfoXScripts).

Installing the Agent

For example, the .deb package for Ubuntu and the .rpm package for CentOS can be used. To install the agent, proceed as follows:

  1. Transfer the desired package to the Linux machine (e.g. via WinSCP)
  2. Install
    • the .deb package using sudo apt install /path/to/package/name.deb
    • the .rpm package using rpm -i /path/to/package/name.rpm
      Known issue: The rpm command could complain about missing perl dependencies. In this case, please add --nodeps to the command line.
  3. The installation created
    • an inventory script (/opt/loginfox/
    • a daily cronjob which starts the collection at 10:00 a.m. and transfers the .inv file (/etc/cron.d/loginfox)
  4. To activate the automatic transfer of the files, two more files have to be modified:
    • The upload URL under which the .inv file created during the acquisition is to be stored (e.g.B. OfflineAgent.php): /etc/loginfox/loginfox_url.config
    • The credentials to use for accessing the upload URL: /etc/loginfox/loginfox.config

Further information on setting up the upload URL can also be found in the description of the Windows Offline Agent.

Manual data transfer

If your Linux system does not support .deb packages or .rpm packages, you can also copy a .tgz file to an appropriate device, unpack it and run it yourself. The resulting .inv file must then be copied back manually, or a transfer itself must be set up.

The file loginfo.tgz can be extracted from the subfolder LoginfoXScripts on the Linux machine using tar xfz loginfo.tgz. The acquisition is then started with ./

Software Usage Evaluation with LOGINuse

By default, LOGINventory uses the Windows Explorer statistics ("Last recently used" or "Recently opened programs") to determine the time of the last use of an application. This statistic is available in the respective user context of all supported Windows operating systems from 2000 onwards, but only considers applications started via Start menu, Desktop or Explorer - i.e. not the taskbar!


LOGINventory offers with the help of the specially developed usage statistics agent LOGINuse the possibility to find out which software in your company is actually used by whom. In this way, expensive, unused software packages in particular can be identified and the number of licenses reduced. Thus LOGINventory supports you in minimizing unnecessary expenses for expensive software licenses.

In addition, LOGINventory also offers its own usage statistics agent: LOGINuse. All used applications (.exe, .jar, and .bat) (e.g. also via command line) are registered by all users of a computer. This also works on terminal servers. LOGINuse collects its information in its own local database. If a program has been started for the third time and has run for at least 10 seconds, this program is noted as "used". This data is collected during the normal inventory of the system and transferred to the LOGINventory database. If LOGINuse data is available, any existing data in the Windows statistics for this system will be ignored!


This means that without the distribution of the software usage agent, the data in license management must be evaluated with caution during usage evaluation! Only if the agent's been deployed, the data is reliable.


The data is always evaluated in License Management.


LOGINuse is supplied in an MSI file which should be copied to a central installation point (AIP). From there, the distribution to the client systems takes place e.g. via group policies or another of the existing mechanisms.


To make software usage monitoring available for distribution, the appropriate option can be accessed via the ribbon menu under Extras.

Since LOGINuse is a 32-bit application, the program is installed on the 64-bit systems under the path %ProgramFiles(x86)%\LOGIN. In addition, an automatically starting LOGINuse Service is configured (login with the local system account). As with all MSI setups, the original MSI file should be kept after the installation to be able to uninstall LOGINuse if necessary.


As long as no changes are made to the LOGINuse program, the version number remains unchanged in the name, i.e. LOGINuse does not need to be rolled out again with every LOGINventory update as long as the LOGINuse version number does not change.

Rules for Acquisition

The following rules apply to the entry of LOGINuse:

  • Only interactive processes that run in the user context are recorded.
  • Only processes that were started outside %SYSTEMROOT% (incl. subdirectories) are recorded.
  • Only processes that have more than 10 seconds between start and stop are recorded.
  • Only processes that meet the above conditions at least three times are recorded.
  • The results are visible at the earliest 8 hours later in the LOGINventory database!

The purpose of these rules is to ensure that only the real use of software packages is taken into account, that is:

  • only packages that are not included in Windows are counted
  • an accidental start (with immediate stop) is not detected
  • the function test is not recorded after installation
  • no direct monitoring of the users can take place


Action Result
Use Notepad, Explorer, or Regedit is never captured
Start all Office applications once and close them again immediately is not captured
Start Microsoft Excel three times, run at least 11 seconds each The software usage data is visible in LOGINventory after 8 hours at the earliest

Suppress Readout

The readout of the LOGINuse database during scanning can be prevented via the switch //NoLoginUse 1. The switch can be set either as command line parameter in the scan definition or for the program LOGINfo.exe, or via the file LOGINfo.script.


If you only want to prevent that the program usage information is collected from the Windows Explorer statistics, you can insert the switch !SET Ignore=ProgramUsage into the LOGINfo.script file. Then only the data of the usage agent is collected.

Configuration of the Data Directory

Unless configured otherwise, LOGINuse writes its data to the directory%ProgramData%\LOGIN\LOGINventory\8.0\LOGINuse. This can be reconfigured per computer by creating and setting the following registry value: HKLM\Software\LOGIN\LOGINuse, DataLocation. This can be done, for example, via the following command line (as administrator):

C:\ reg add HKLM\Software\LOGIN\LOGINuse, /v DataLocation /t REG_SZ /d "d:\LoginUseData" /f

Reset Database

To reset the LOGINuse database on the computers, the MSI file LOGINuseResetDb.msi can be "installed". This MSI file does not install anything, but only empties the respective local database.

Manual Insertion of Data

In addition to the various automated procedures, it is also possible to manually insert data into LOGINventory.

Local Acquisition via USB Stick

If you cannot capture Windows devices remotely or via logon script, because they do not have a network card or their APIs do not support the procedure, you can also copy the LOGINfo.exe to a USB stick and execute it on the computer to be captured. The best way to do this is as follows:

Copy the data directory including LOGINfo.exe (usually found under C:\Users\Public\Documents\LOGIN\LOGINventory 8\Data) to a USB stick. Remove the USB stick from the LOGINventory computer, go to the isolated PC and insert the USB stick. Start Windows Explorer, navigate to the USB stick, start Loginfo.exe and wait until a .inv file has been created on your USB stick. Remove the USB stick from the isolated PC and return to the LOGINventory computer. Copy the new .inv file into the data directory of the LOGINventory computer. Make sure that the LOGINventory Data Service service is running and that the data is entered into the database (the .inv file disappears after a short time).

Creating Assets Manually

The LOGINject wizard for manually creating assets can be started via the ribbon menu. For 1:1 relationships, the corresponding fields can be filled directly.

For catalog entries (e.g. software packages), existing entries on the right side can be selected by drag & drop. If an entry not yet existing in the database is to be written, it must also first be written to a free line on the right-hand side and can then be assigned to the device.

The Save file → Asset function transfers the data directly to the LOGINventory database. The wizard can be called via the ribbon menu under "Tools", if you navigated to Asset Management (or below) in the tree.


If devices that could not be successfully inventoried (e.g. IP phones, TVs, etc.) should also be created as assets, you can select the Create Asset action from the ribbon menu in the list of unsuccessfully created devices (Failed Inventory under the IT Inventory node). The data that could be collected during the erroneous acquisition (name, IP, MAC, manufacturer) will then be transferred directly and the " faulty " asset will become a " proper " asset.

Importing Assets, Licenses and Custom Properties from csv Files


Data contained in csv files can be automatically read and imported by LOGINventory by copying them into the data directory. To do this, a mapping must first be defined between the imported data and the columns in LOGINventory so that the values are assigned correctly.
If the mapping has been created correctly, assets can be created, custom properties (e.g. "Owner") can be imported or licenses including their properties can be imported.

To define a mapping, the Data-Import can be called from the ribbon menu Extras. A csv file, which can be located in any location, can then be selected to create an import definition. The next step is to select a table from the LOGINventory data model for each import in which the key for the data is located.


The Device table must be selected to import data for assets or custom properties that refer to assets. If data for licenses are to be read in, the corresponding license type can be selected. An overview of the available license types and their properties can be found in License Management.

Depending on the selected table, different target columns are then available for the assignment.


The column names of the source file may not start with a number and may not contain spaces or special characters such as /, \, ? etc.
The import supports all common formats UTF7, UTF8, Unicode (UTF-16LE), BigEndianUnicode (UTF-16BE), UTF32 correctly. Default is the operating system Ansi code page, which e.g. writes Excel. In order to recognize the above mentioned formats, the so-called Byte-Order-Mark (BOM) MUST be set. In Notepad++ you can find both UTF8 and UTF8 BOM and only the latter works, because otherwise no information is written into the file header and therefore no encoding can be recognized.
So in a nutshell: Either with BOM or the standard code page is tried.


In order for the assignment or updating of existing data to function correctly when reading in data, there must always be a so-called "key" on the basis of which an entry is uniquely identified. When importing assets, this key is the field Device.Name. If licenses are to be read in, the key is the field License.Number. If there is no such ID of a license in the source data, the fields Name, Version, Manufacturer, End and Begin are used as a temporary combination. This means that if there is no ID and one of these fields changes from a previous import, a duplicate license may be created.


Only 1:1 relationships can be read in! It is therefore not possible to read in which programs all exist on one device (1:n relationship).

If the assignment was successful, the file can be read in by clicking on Apply.


With the help of the File filter the file name can be adjusted with wildcards. So if "MyFolder.csv" becomes "My*.csv", in the future all files starting with "My" and ending with ".csv" will be automatically read in as soon as they are copied into the data directory. Therefore, you can also create different import definitions in order to handle different data differently (differentiate by file name).


If custom properties are to be imported to assets, it must be ensured that the custom property already exists, otherwise it cannot be selected during assignment. If in doubt, you can first create your custom property and then restart the import.


If date values are to be read in, it must be ensured that these are stored in the English format (MM.DD.YYYY) in the source file. This means that January 15, 2019 is entered as "01.15.2019" or "01/15/2019" in the file.

Example: Importing and Assigning Licenses

As mentioned above, licenses are uniquely identified by the field License.Number. Since software versions in combination with the product name (SoftwareAsset.CustomId) can also be uniquely identified, licenses can also be assigned directly to the correct product and version when importing. To find out what the CustomId of a software version is, the query "All versions" below "Evaluations" can be looked at, for example. Typically, however, the CustomId is the product name in combination with the version name (separated by a space).
For example, the following source file can be read in:
Thereupon the following mapping can be used in the data import:

Modification of the Data Acquisition

The information determined by default can be enhanced with your own rules. The agentless scans and the logon script with LOGINfo.exe use the file LOGINfo.script; this file is located in the subdirectory Script of the data directory. This script file is evaluated each time an asset is inventoried. This means that all adjustments here influence the entire capture process.


This does not apply to the acquisition of Linux-based systems. For these, another form of modification is possible, as described below.


This means that you can also read your own OIDs from SNMP devices, so that the information that really interests you is displayed for each device. Many manufacturers publish their MIBs online, so you can easily see where the data you're interested in is, and then insert the appropriate commands into the script file.

In this script file you can

  • insert !SET-command switches, which are evaluated before the inventory. This way you can
    • change the time-outs
    • read additional data
    • not read certain data ( e.g. Netinstall packages, software uninstall info, etc.)
  • modify the data after inventory using additional commands:
  • Values can be narrowed down using conditions and comparisons.
  • Custom (freely definable) properties can be assigned asset-related, e.g. "location" information, environment variables, values from WMI or the registry, certain file properties.
  • simple properties of the LOGINventory database can be changed directly, e.g. the value for the name of the read CPU can be changed or overwritten.
  • Using the command Cpu.Name=%$Cpu.Name% X1234 the entry AMD Athlon™ 64 X2 Dual Core Processor changes to AMD Athlon™ 64 X2 Dual Core Processor X1234

    • Entries of list entries can be added, modified or removed.
    • The command !Modify NetworkAdapter Name=Broadcom NetXtreme-Gigabit-Ethernet, Name=Gigabit, DefaultGateway= changes e.g. in the network adapter entry named "Broadcom NetXtreme-Gigabit-Ethernet" the name and the entry for the default gateway

The names of the properties correspond to the column headings in LOGINventory.

Available Commands

Command Explanation Example
; or # Comment ;comment line
!Include filename Include commands allow you to include additional control files that are located in the same directory. This allows you to combine rules for certain areas or topics in your own .script files and thus structure the entries better and make them clearer. !Include ProductKeys.script
!IF {regexist/ fileexist/ direxist/ oidexist:Path
Query for presence !IF{regexist:HKEY_LOCAL_MACHINE\Software\Oracle8}
!ADD SoftwarePackag Name=Oracle,Version=8,Publisher=Oracle
!Stop Cancel inventory (e.g. to exclude computers from inventory) If the registry value "Site" does not have the value B96, this computer will not be inventoried:
eq/ ne/ lt/ le/ gt/ ge/ like/ notlike Comparison:
equal/ not equal /smaller /smaller or equal /larger /greater or equal/ similar to /not similar to
!IF {eq:%$LastInventory.IP%,}
Custom.parking space=R4.192
Custom.printer name=accounting
and/ or not Boolean operators:
and/or/ not
!IF {and!IF {fileexist:%SYSTEMROOT%\win.ini}, {regexist:HKEY_LOCAL_MACHINE\Software\MySoft}


Switches can be inserted into the LOGINfo.script file to further adjust the data entry process. The following syntax can be used: !SET command=value. Many of the offered settings are also directly adjustable in the respective scan definitions.


The values presented below can also be used as command line arguments. In each case a // must be placed in front and instead of an assignment by a = a space is sufficient, e.g. LOGINfo.exe //TotalTimeout 300.


All switches set in the LOGINfo.script file are overwritten by command line arguments!

Command Explanation Default value Example
TotalTimeout={Number} The scanning process for an address is usually aborted after 5400 seconds (90 minutes) if there is no response. This time period can be changed via this parameter. 5400 sec !SET TotalTimeout=600
InactivityTimeout={Number} If a client does not respond to a query command (e.g. a WMI query) for 600 seconds during the scan process, a timeout is reached. This value can be adjusted. 600 sec !SET InactivityTimeout=900
RpcTimeout={Number} If a scan is performed via RPC, its process is aborted after 1200 seconds. This time period can be changed via this parameter. 1200 sec !SET RpcTimeout=300
SnmpConnectTimeout={Number}} If an IP address does not respond to PING, LOGINfo will still try to open an SNMP connection. This happens twice with a timeout of 10s. This timeout can be changed. 10 sec !SET SnmpConnectTimeout=2
Cancel search for local drives after a gap of X drive letter 5 !SET MaxDiskLetterTryCount=30 (Search for all local drives)
Ignore={Table name} Prevent acquisition of properties: Exclude table names (e.g. SharedFolder, DeviceInfo, Mainboard, Font, ...) from the acquisition !SET Ignore=Mainboard.
NoFonts={0/1} By default, all system fonts are scanned. However, this behaviour can be switched off. 0 !SET NoFonts=1
AllGroups={0/1} Capture all groups: By default, only the members of the local Administrators group are captured. This switch can be used to enter all local groups. 0 !SET AllGroups=1
NoWMI={0/1} Do not use WMI: Normally, information is collected via Remote Registry and WMI. Acquisition via WMI can be switched off. 0 !SET NoWMI=1
WMIOnly={0/1} Only capture devices that support WMI. (Ignored if NoWMI has been set) 0 !SET WMIOnly=1
NoUsage={0/1} Do not record usage statistics: This prevents the collection of usage data from the Windows Explorer statistics and from the Usage Agent. This also removes any previously existing user data from the database and creates a new entry: "Suppressed_by_rule" instead. 0 !SET NoUsage=1
DontScanNetinstall={0/1} Don't collect netinstall packages 0 !SET DontScanNetinstall=1
DontScanUninstall={0/1} Software Uninstall Key do not capture for the computer 0 !SET DontScanUninstall=1
Software Uninstall Key do not capture for current user 0 !SET DontScan
DontScanServices={0/1} Do not include services 0 !SET DontScanServices=1
NoNetworkPrinters={0/1} Do not register network printers 0 !SET NoNetworkPrinters=1
NoTSPrinter={0/1} Do not register network printer during Terminal Service sessions 0 !SET NoTSPrinters=1
ReplaceControlChars={0/1} Replace control characters: With this switch it is possible to instruct the inventory to replace control characters within a value like TAB, CR, LF by a space character. This can be desired, for example, when reading the operating system of a Cisco switch or router. 0 !SET ReplaceControlChars=1
NoAcl={0/1} Authorization analysis: For performance reasons it may be desired to switch off the capture, since complete share folder structure on Windows servers must be searched recursively. 0 !SET NoAcl=1
ScanAppUpdates={0/1} Microsoft App Update Package Capture 0 !SET ScanAppUpdates=1
AllowWindowsSnmp={0/1} Activate SNMP scan for Windows computers 0 !SET AllowWindowsSnmp=1
EnableSnmpAlways={0/1} Force SNMP: Ignoring Windows APIs 0 !SET EnableSnmpAlways=1
UseSnmpFallback={0/1} SNMP Fallback: If an IP address does not respond to PING, no further attempt is made to connect to this node. Alternatively, an SNMP connection setup can still be attempted. 0 !SET UseSnmpFallback=1
NoCDP={0/1} Do not use Cisco Discovery Protocol (CDP): When inventorying switches and routers, CDP is typically used to discover a hierarchy (more directly connected switches or routers). This can be switched off. 0 !SET NoCDP=1
NoSysName={0/1} SNMP Do not accept SysName as asset name: If an inventory is made via SNMP, the PC name is read from the OID system.sysname and no longer via reverse DNS lookup. This can lead to different results for the PC name! 0 !SET NoSysName=1
ConnectionsMaxLocalPort={Number} By default, all network connections that are >11000 on LocalPort are filtered out. This ensures that only incoming connections are recorded. 11000 !SET ConnectionsMaxLocalPort=65000
BootLogEntries={Number} By default, only the last 50 BootLog entries (startup and shutdown of a machine) are captured. However, the list of BootLog entries is cumulated. 50 !SET BootLogEntries=100

Creating your Own Properties

You can create your own properties and assign values to them. To change the values of these properties, either an entry in the LOGINfo.script file is used - or you can do this interactively in LOGINventory.

The properties created via the script file always have the type String - in contrast to Custom Properties created in LOGINventory, which can have the type String, Int64 or DateTime. For more information on this topic, see the [Own properties] section (

Do not use spaces or special characters (e.g. $#_&-) in the property name!

Assignment of Syntax Example(s)
Constants Property=Constant Custom.Company=LOGIN
Environment variables Property=%Environment variable% Custom.WindowsDir=%Systemroot%
LOGINventory-1:1-Properties Property=%$Property% Custom.IP=%$Lastinventory.IP%
WMI values Property={wmi:[[root\][namespace\]WMI class,value} (If the namespace is not specified, CIMV2 is assumed.) Custom.Year={wmi:Win32_LocalTime,Year}
Custom.Part={WMI:CIMV2\Security\MicrosoftVolumeEncryption\ Win32_EncryptableVolume,DriveLetter}
Registry-Keys Property={reg:Key,Value } or Property={reghex:Key,Value } Custom.IEPatches={reg:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Internet Settings,MinorVersion}
Custom.Serial={reg:"HKEY_LOCAL_MACHINE\!32!SOFTWARE\Vmware, Inc.\Vmware Workstation\*",Serial}
(Note: when using special characters and spaces, the key must be enclosed in quotation marks!)
SNMP values Property={OID:oid-in-dotted-Number} Custom.SystemUpTime={oid:.}
File version Property={fileversion:FileName } Custom.IEVersion={fileversion:shdocvw.dll}
File Date Property={filetime:FileName } Custom.BOOTINIDATE={filetime:c:\boot.ini}
File Size Property={filesize:FileName } Custom.MDACSIZE={filesize:%CommonFiles%\System\ado\msado15.dll }
File language Property={filelanguage:FileName} Custom.Vblang={filelanguage:vbscript.dll }

Modification of List Entries

Existing list entries (e.g. software packages) can be changed. This is useful, for example, if you want to add a serial number or change the software name of a specific software. The use of wildcards ? and * is supported. All entries that match the expression are changed.

Using the syntax !MODIFY table condition property1=value1[,property2=value2 ...] the entries are changed, e.g.

  • Addition of product ID and product key to software package:
    !MODIFY SoftwarePackage Name=Nero*, PRODUCTID=reg:"HKEY_LOCAL_MACHINE\!32!SOFTWARE\Ahead\Nero - Burning Rom\Info",user}, PRODUCTKEY={reg:"HKEY_LOCAL_MACHINE\!32!SOFTWARE\Ahead\Nero - Burning Rom\Info",Serial5}
  • Replace SW package name with constant name: !Modify SoftwarePackage Name=*WinZIP*,Name=File Compressor.
  • Replace the SW package name with its name and version number : !MODIFY SoftwarePackage NAME=Acrobat,NAME=$NAME$ $VERSION$.
  • Addition of product keys from the registry: !MODIFY SOFTWARE PACKAGE NAME=VMware Workstation, PRODUCTKEY={reg:"HKEY_LOCAL_MACHINE\!32!SOFTWARE\Vmware, Inc.\Vmware Workstation\*",Serial}.

The syntax !BLOCK table condition can also be used to prevent the entry of certain values, e.g. !Block SoftwarePackage Name=LOGINventory or !Block Hotfix Product=.Net*.

Modification under Linux

The file LOGINfo.script is ignored if it is a acquisition of a Linux-based device. However, for this purpose a file can be stored on the device to be scanned with which it is possible to modify various entries or write new entries themselves.

For this a file "custom.xml" must be stored in the path /opt/loginfox/custom.xml, which has the following structure:

<?xml version="1.0" encoding="utf-8"?>
<Name>custom name</Name>
<myvalue>myvalue content</myvalue >
<Description>device description</Description>
<Name>os name</Name>
<Version>os version</Version>
<Domain>os domain</Domain>
    <NAME>F-Secure Policy Manager</NAME>
    <PUBLISHER>F-Secure Corporation</PUBLISHER>
    <NAME>FileZilla Server</NAME>
    <VERSION>beta 0.9.60</VERSION>
    <PUBLISHER>FileZilla Project</PUBLISHER>

The 1:1 relationships set here (e.g. Device.Name, OperatingSystem.Name, ...) overwrite the values actually read out. The entries for the software packages are added to the entries that have already been read out.