Archer Data Feed Monitor

The Archer Data Feed Monitor is a tool & utility enabling Archer Administrators to call a data feed only when there are records to process, reducing the resource load on the Archer Platform instance.

Archer Exchange: With the Archer Exchange, the Archer team has created a broad selection of supplemental, value-added offerings to help you get your unique risk management program on the right path, right from the start. You can leverage the Archer Exchange offerings to expand the use of Archer solutions into new business processes and address specific industry, geographic, regulatory, or technical requirements.

On this page

Release notes

Release date	Release	Notes
May 2026	2025.12	Recertified on Archer Platform Release 2025.12

Previous releases

Release date	Release	Notes
July 2025	2024.11	Updated to add a configuration parameter that allows a user to request SOAP authentication instead of REST
April 2022	6.8	Updated documentation with notes regarding implementation in Archer SaaS environments
March 2021	6.8	Updated documentation with the added support for the use of Stored Procedures in the SQL Monitor.
September 2020	6.8	The latest version of Archer Data Feed Monitor has the following updates: Exceptions that occur while checking the criteria or executing a feed for a given monitor result in the rest of the monitors being skipped for that execution. This bug has been fixed. App Settings in Config file are encrypted when the utility is run for the first time. Encrypt and decrypt batch files are no longer required.
October 2019	6.6	Added details for the Archer Record Statistical Monitor
May 2019	6.4 P2	The new version of Archer Data Feed Monitor uses the NLog framework to enable logging. There is no change in the business logic of how the Data Feed Monitor works, only a change in the logging functionality. The previous version of this tool did not use a logging framework and was writing data to one log file. Over time, this file will become quite large and difficult to work with. NLog provides a configurable option for logging such as setting the maximum log file size and options to configure a Rolling File Appender to create new log files at certain time intervals.
August 2018	6.4 SP1	Initial release

Overview

In many Archer implementations, business users are looking for the ability to react to specific events in near real-time. For example, a file containing vulnerability scan results is placed on a network share, and the business wants to ingest the file as soon as it appears. The creation of the file can be unscheduled, and therefore unexpected. Data feeds that perform the ingestion are configured to run every five minutes (or less) in an effort to approximate real-time processing.

This use of minutely data feeds produces several undesirable results. Most notably, the rapid growth of affected system tables: tblAsyncInstrumentation, tblDataFeedHistory, and tblDataFeedMessage. In some cases, this can result in those tables landing in the top 10 by row count and size on disk.

Spinning up and shutting down a data feed requires system resources. The Job Engine must poll for runnable jobs, pop the data feed job from the queue, push the next occurrence to the queue, spin up a thread to process the job, unpack the named argument XML, constitute the data feed, check the source, determine that there is no work to do, log messages to tblDataFeedHistory and tblDataFeedMessage, and write the completed job information to tblAsyncInstrumentation. In one client instance, a data feed that was scheduled to run every five minutes was executed more than 17,000 times during a 60-day period. During that time there was not a single source row to process. This occupied more than three days of processing time on the services server and generated thousands of rows of data in the instance database to track the processing of the feeds. A better solution is needed.

The Data Feed Monitor is intended to be run through the Windows Task Scheduler at a high frequency (every five minutes or less). When it runs, it checks a pre-configured list of monitors to see if any of them found work to do. Any monitor that finds pending work will call its associated data feed. This results in near real-time data feed execution, but without the expense of spinning up a data feed when there is no work to do. It also avoids the large database footprint associated with frequent data feed execution.

Revisiting our customer example, the Data Feed Monitor was deployed to watch for pending work. Over a subsequent 60-day period, the data feed was executed twice, resulting in a major savings of server resources and database storage.

Key features & benefits

Archer Data Feed Monitor enables you to do the following.

Implement a monitor that can call the data feed only when there is work to do.
Reduce the instance processing requirements.
Reduce the amount of data stored in the database data feed history/log tables.
Improve instance performance.
Leverage the NLog framework to provide control over where and how log messages are written and maintained.

The benefits of the Archer Data Feed Monitor are as follows.

Reduce resource load on the Archer instance and enhance system efficiency.
Avoid rapid growth of system tables caused by frequent data feed execution.

Prerequisites (ODA & system requirements)

Components	Recommended software
Archer solution areas	Any
Archer use cases	Any
Archer applications	Any
Uses custom objects	No
Requires Archer on-demand application (ODA) license	Zero (0) Archer On-Demand license applications are required.
Archer requirements	Archer Platform Release 2025.12 and later
Supported Archer environments	On-Premise Archer on-premises clients can deploy the Windows executable file on the server that is hosting the Archer platform. Archer SaaS Archer SaaS clients can leverage this offering but cannot install the offering in the Archer SaaS environment. The offering must be installed on a client owned and managed server that can communicate with the Archer instance.
.Net Framework	Microsoft .Net framework 4.7.2 and above
Network requirements	Requires network access to the Archer platform

Architecture diagram

The following diagram provides a high-level overview of the data flow process for the Archer Data Feed Monitor Tool & Utility.

Configure Archer Data Archer Data Feed Monitor

Important: It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators must have access to the documentation for all products in order to install the required components.

Important: The integration described in this guide is being provided as a reference implementation for evaluation and testing purposes. It may or may not meet the needs and use cases for your organization. If additional customizations or enhancements are needed, it is recommended that customers contact Archer Support for assistance.

The Data Feed Monitor is an ASP.NET console application. The solution includes two XML configuration files. These allow for the specification of authentication credentials, along with other necessary details.

Configure Data Feed Monitor.
Create a Windows Scheduler task for the application.
Test the connection. If the process is successful, it displays the message that criteria is met and feed is queued in the DataFeedMonitor.log.
Execute the Data Feed Monitor. Failure to do so will result in a risk exposure, leaving parameters entered in monitor Section and app Settings (includes Archer credentials, ftp credentials and sql db parameters if configured) in the config file in plain text.
Test the connection. If the process is successful, it displays the message that criteria is met and feed is queued in the DataFeedMonitor.log.

Configure Data Feed Monitor

Extract the zip file DataFeedMonitor.zipto a location/folder.
Edit the appSettings section of the XML configuration file “DataFeedMonitor.exe.config”. If a named config file is being used, edit that file instead.
1. Navigate to the web application folder DataFeedMonitor, and locate the DataFeedMonitor.exe.config file.
2. Open DataFeedMonitor.exe.config file and provide the following information:
  
  <appSettings>
  
  <add key="useSoapAuth" value="[true/false]" /><addkey="archerBaseUrl"value="https://[YourArcherHostURL]"/>
  
  <addkey="cacheFilePath"value="[cacheFilePath]"/>
  
  <addkey="cacheFileEncryptionPassphrase"value="[EncryptionPassphrase]"/>
  
  <addkey="useSslValidation"value="[true/false]"/>
  
  <addkey="securityProtocolVersion" value="[Ssl3/Tls/Tls11/Tls12]" />
  
  <addkey="archerInstance"value="[InstanceName]"/>
  
  <addkey="archerUser"value="[UserName]"/>
  
  <addkey="archerPwd"value="[Password]"/>
  
  <addkey="httpTimeoutMilliseconds" value="[httpTimeoutMilliseconds]" />
  
  <addkey="useDefaultCredentials" value="[true/false]" />
  
  </appSettings>

The following table describes each setting.

Setting	Description and example
[useSoapAuth]	true/false. If archer instance has sso enabled with manual bypass disabled, then use "true". Else use "false"
[YourArcherHostURL]	Archer host URL Example: company.com or 10.20.30.40:99
[cacheFilePath]	Cache file path Example: c:\temp\
[EncryptionPassphrase]	Encryption pass phrase Example: d0n7TryTh1s@h0m3!
[true/false]	True or false to validate SSL Example: false
[Ssl3/Tls/Tls11/Tls12]	The version of security protocol to be used incommunicating with the Archer web server. Example:Tls12
[InstanceName]	Instance name of your Archer environment Example: ArcherProd Note: Instance name is case sensitive.
[UserName]	Username of the account Example: adminuser
[Password]	Password of the user account Example: Password@123
[httpTimeoutMilliseconds]	httpTimeoutMilliseconds Example: 30000
[useDefaultCredentials[	true/false Example: false

Edit the monitorSection section of the XML configuration file.

Edit the monitorSection section of the XML configuration file.

<monitor monitorType="ArcherRecordMonitor"

name="[Name of the datafeed. Value should be Unique]"

associatedFeedGuid="[Data Feed Guid]"

isFeedConvoy="[true/false]"

useSoapAuthentication="[true/false]"

archerBaseUrl="http://[YourArcherHostURL]"

cacheFilePath="[cacheFilePath]"

cacheFileEncryptionPassphrase="[EncryptionPassphrase]"

useSslValidation="[true/false]"

archerInstance="[InstanceName]"

archerUser="[UserName]"

archerPassword="[Password]"

reportGuid="[Archer Report Guid]

useDefaultCredentials="[true/false]"/>

<monitor monitorType="ArcherRecordStatisticalMonitor"

name="[Name of the datafeed. Value should be Unique]"

associatedFeedGuid="[Data Feed Guid]"

isFeedConvoy="[true/false]"

archerBaseUrl="http://[YourArcherHostURL]"

cacheFilePath="[cacheFilePath]"

cacheFileEncryptionPassphrase="[EncryptionPassphrase]"

useSslValidation="[true/false]"

archerInstance="[InstanceName]"

archerUser="[UserName]"

archerPassword="[Password]"

reportGuid="[Archer Statistical Report Guid]"

useDefaultCredentials="[true/false]"/>

<monitor monitorType="FileSystemMonitor"

name="[Name of the datafeed. Value should be Unique]"

associatedFeedGuid="[Data Feed Guid]"

isFeedConvoy="[true/false]"

filePatternToMatch="[File Type to watch]"

directoryToWatch="[Directory Path to be monitored]" />

<monitor monitorType="SqlDatabaseMonitor"

name="[Name of the datafeed. Value should be Unique]"

associatedFeedGuid="[Data Feed Guid]"

isFeedConvoy="[true/false]"

connectionString="[a connection string to the SQL DB Source]">

<command

isProc="[true/false]"

isScalar="[true/false]"

commandText="[The SQL Query or stored procedure name to be executed]">

<param name="[the name of the SQL Parameter]"

type="[The SQL DB Type of the SQL Parameter]"value="[the value of the SQL Parameter]"/>

</params>

</command>

</monitor>

<monitor monitorType="FtpMonitor"

name="[Name of the datafeed. Value should be Unique]"

associatedFeedGuid="[Data Feed Guid]"

isFeedConvoy="[true/false]"

filePatternToMatch="[Regex identifying the files to be watched]"

ftpServerUrl="[FTP Url]"

isAnonymous="[true/false]"

user="[FTP UserName]"

password="[FTP Password]" />

</monitors>

</monitorSection>

Use seperate config file for <monitorSection> (Optional) Users can also use a separate config file for the <monitorSection>. To use a separate file for monitor section:

Edit and replace the <monitorSection> in the xml configuration file with

<monitorSection configSource="[FolderName\monitor.config]" />.

“FolderName” is the folder where the monitor config files are placed and “monitor.config” is the file containing the feed details.

Ex: <monitorSection configSource="ConfigFiles\Test1.config">

The monitor file should have the following format:

<?xmlversion="1.0"?>

<monitorSection>

<monitors>

[Described above]

</monitors>

</monitorSection>

Save and Close the DataFeedMonitor.exe.config file.

Note: Changing the Archer URL in the Config file requires the deletion of the previously used cache file.

Open NLog.config. Locate file target and provide the following information.

filename="[logFilePath]"

Example: fileName="c:\temp\DataFeedMonitor_Nlog.log"

Name of the file to write to.Provide name of the file to write to with the full path.

archiveFileName="[archivelogFilePath]"

Example: archiveFileName="c:\temp\logArchive\DataFeedMonitor_Nlog.{#}.log"

Name of the file to be used for an archive. It contains a special placeholder {#} that will be replaced with a sequence of numbers depending on the archiving strategy. The number of hash characters used determines the number of numerical digits to be used for numbering files.

Create a Windows Scheduler task for the application

Open Windows Task Scheduler and create a task to run DataFeedMonitor.exe according to the desired schedule. If you are only scheduling a single task to run the application, you can use the default configuration file. If you need to schedule multiple tasks to run data feeds on different schedules, store a separate configuration file for each task and pass the name and path of that configuration file to the application on the command line in the task. Whether using the default or a separate named configuration file, create unique Archer user accounts for each task instance so that no other process can authenticate with the same credentials and invalidate the session being used by your task.

To create a Windows Scheduler Task for the application:

Open Windows Task Scheduler
On the right side of the window under Action, click on Create Task.

In the dialog, enter the following:

Section	Description
General	Provide the DataFeed Name
Triggers	Create a new trigger by providing the Frequency to run the tool
Actions	Select the DataFeedMonitor.exe from extracted application folder Archer Data Feed Monitor. Also select a config file in “Add arguments” if you need to set up multiple schedules and are using named configuration files.

Once all the properties for windows task schedule is complete, click on OK to start the schedule.

Note: If Data Feed Monitor is configured to run in Windows Task Scheduler, all associated data feeds referenced in the config file should have start dates several years in the future in Archer to prevent unexpected executions.

Technical information

.NET Configuration

An ASP.NET console application uses an XML configuration file in the form of the DataFeedMonitor.exe.config.

DataFeedMonitor.exe.config Configuration details

<addkey="archerBaseUrl"value="https://[YourArcherHostURL]"/>

<addkey="cacheFilePath"value="[cacheFilePath]"/>

<addkey="cacheFileEncryptionPassphrase"value="[EncryptionPassphrase]"/>

<addkey="useSslValidation"value="[true/false]"/>

<addkey="securityProtocolVersion" value="[Ssl3/Tls/Tls11/Tls12]" />

<addkey="archerInstance"value="[InstanceName]"/>

<addkey="archerUser"value="[UserName]"/>

<addkey="archerPassword"value="[Password]"/>

<addkey="httpTimeoutMilliseconds" value="[httpTimeoutMilliseconds]" />

</appSettings>

This file contains the following configuration details:

<addkey="archerBaseUrl"value="https://[YourArcherHostURL]"/>

<addkey="cacheFilePath"value="[cacheFilePath]"/>

<addkey="cacheFileEncryptionPassphrase"value="[EncryptionPassphrase]"/>

<addkey="useSslValidation"value="[true/false]"/>

<addkey="securityProtocolVersion" value="[Ssl3/Tls/Tls11/Tls12]" />

<addkey="archerInstance"value="[InstanceName]"/>

<addkey="archerUser"value="[UserName]"/>

<addkey="archerPassword"value="[Password]"/>

<addkey="httpTimeoutMilliseconds" value="[httpTimeoutMilliseconds]" />

</appSettings>

The XML configuration code below offers a configuration example.

<addkey="archerBaseUrl"value="https://localhost/archer"/>

<addkey="cacheFilePath"value="c:\temp\"/>

<addkey="cacheFileEncryptionPassphrase"value="d0n7TryTh1s@h0m3!"/>

<addkey="securityProtocolVersion" value="Tls" />

<addkey="useSslValidation"value="false"/>

<addkey="archerInstance"value="Archer"/>

<addkey="archerUser"value="adminuser"/>

<addkey="archerPassword"value="Password@123"/>

<addkey="httpTimeoutMilliseconds" value="30000" />

</appSettings>

DataFeedMonitor.exe.config settings

The following table describes each setting in DataFeedMonitor.exe.config file.

Setting	Description
useSoapAuth	The api method used to authenticate to archer. Acceptable values - true/false. If archer instance has sso enabled with manual bypass disabled then use "true". else use "false"
archerBaseUrl	The root URL for the Archer instance from which information is pulled.
cacheFilePath	Path to the location where the cache file will be written. This flat file is used to cache Archer ID values. When the solution is started, values are looked up from the configured Archer instance and stored in the cache file. This enables correctly referenced fields, modules, and other resources to use IDs appropriate to the Archer instance.
cacheFileEncryptionPassphrase	If provided, the cache file is encrypted using this setting as the passphrase, providing security for data at rest.
securityProtocolVersion	This value dictates which security protocol should be used. Options include: SSL3, TLS 1.0, TLS 1.1, and TLS 1.2.
useSslValidation	When set to true, custom validation is used for the SSL certificate. This is necessary when using a self-signed certificate to avoid validation dialogs.
archerInstance	The name of the Archer instance from which information is pulled.
archerUser	The name of the account used to pull information from Archer.
archerPassword	The password for the account used to pull information from Archer.
httpTimeoutMilliseconds	The httpTimeoutMilliseconds provides a configuration setting that enables the user to override the default HTTP timeout of 30,000 milliseconds (30 seconds). This value is in milliseconds and should be set to the number of seconds you want HTTP time out to take * 1000.
useDefaultCredentials	This property can be set to true or false. When true, the logged-in user’s credentials can be requested by IIS, if needed. For this application, the value can safely be set to false.

The configuration file also allows you to define monitors, along with other necessary details.

The following is a description of each of these settings.

<sectionname="monitorSection"…– this entry associates a custom configuration section with the assembly that will be used to process that section. This entry should not be modified.

<monitorSection><monitors>…– this section contains configuration information for each individually configured monitor.

<monitor…– each monitor node defines the configuration for a single data feed monitor. The configuration file can contain as many monitors are needed.

General required monitor attributes

The following table describes the required monitor attributes.

Attribute	Description
monitorType	Must be one of 5 supported values corresponding to the type of transporter being used by the feed to be monitored.
archerRecordStatisticalMonitor	Archer Web Services Transporter (statistical report)
fileSystemMonitor	File Transporter
sqlDatabaseMonitor	Database Query Transporter
ftpMonitor	FTP Transporter
name	Name of the monitor is used only to allow the administrator to determine what has been configured. It is recommended that monitors be named for the feeds they will run.
associatedFeedGuid	GUID associated with the feed that should be run when the monitor finds pending work.
isFeedConvoy	Boolean (true/false) value indicating whether or not this feed has others that reference it. When this value is set to “true”, the next feed will be automatically executed upon completion of the reference feed.

Note: File Transporter and Database Transporter datafeeds are not supported in SaaS.

Monitor-specific required attributes

The following table lists the monitor attributes that may be required by the type of monitor being configured. If these attributes are not specified in the configuration for the monitor, an exception will be logged, and the application will exit.

Monitor Attribute	Description
reportGuid	GUID associated with the Archer report that supplies the source data for the configured feed. This report will be executed using the SOAP API. If the report is a statistics report, the Archer Record Statistical Monitor must be used.
Filesystem Monitor	directoryToWatch– the path to the directory that will be monitored. filePatternToMatch– a file specifier that identifies which files to watch for in the configured watch directory. For example, “*.csv”.
SQL Database Monitor	connectionString– a valid connection string for a Microsoft SQL Server database. This is using the .NET SqlClient class under the covers and does not currently support Oracle connections. command– an XML structure specifying the details of the command to be executed. command/isProc – a boolean [true/false] value indicating whether the configured command text is a stored procedure to be executed. command/isScalar – a boolean [true/false] value indicating whether the configured stored procedure returns a scalar value. Set this value to false for stored procedures that return row results. command/commandText – the actual text of the command to be executed. For SQL queries, this will be the text of the query. For stored procedures, this will be the name of the procedure. command/Param – an individual parameter to be passed to the configured stored procedure. command/Param/name – the name of the parameter command/param/type – the SQL DB Type associated with the parameter. Valid values are: BigInt, Binary, Bit, Char, DateTime, Decimal, Float, Image, Int, Money, NChar, NText, NVarChar, Real, UniqueIdentifier, SmallDateTime, SmallInt, SmallMoney, Text, Timestamp, TinyInt, VarBinary, VarChar, Variant, Xml, Udt, Structured, Date, Time, DateTime2, DateTimeOffset command/param/value – the value of the parameter
FTP Monitor	ftpServerUrl– the URL to the FTP server to be monitored. The current version of the FTP monitor does not support secure FTP or monitoring in folders other than the root. This is provided as a reference implementation. isAnonymous– a Boolean (true/false) value indicating whether the connection should be made using anonymous credentials. When false, username and password should be supplied. User– a valid FTP user id Password– the password associated with the configured FTP user id filePatternToMatch– a regular expression identifying the files to watched for in the configured FTP server. Since FTP does not support file filtering in the same way that the filesystem does, a directory listing is requested and each row of the result is checked for a match against the regular expression. The first row that matches will cause the feed to be executed. For example, “^.\.(csv)$” would be equivalent to “.csv “.

Troubleshooting

Configuration File (DataFeedMonitor.exe.config)

Ensure the values in the configuration file match your Archer environment.
Do not include default.aspx in the Archer URL.
Note that the Archer instance name is case sensitive.
If you are changing the Archer URL in the config file, ensure that you have deleted the previously used cache file.
Ensure that dedicated, active Archer user account credentials are used in the configuration file.

File Transport MonitorOthers:

When configuring a file transport monitor, if the directory being monitored is not in the same location where the Data Feed Monitor is running, ensure that you have specified the full path in the “directoryToWatch” parameter. This will be the case when the directory to watch is on a network share, or when the it is not in the same location where the Data Feed Monitor is running. If the folder has security, you can schedule the task in Windows Task Scheduler to run under a privileged account. Or you can just have it run the task under a service account and then grant that account access to the share.
If you are running an Archer Record Monitor and the utility is reporting that the criteria are not met, even when you think they should be, ensure that the report that the monitor is watching is a standard report, not a statistics report. If the report is a statistics report, you must configure an Archer Record Statistical Monitor instead. This is because the two reports return different XML schemas, so a specialized monitor is required to correctly parse the XML and count results.

Criteria Not Met message

If you are running an Archer Record Monitor and the utility is reporting that the criteria are not met, even when you think they should be, ensure that the report that the monitor is watching is a standard report, not a statistics report. If the report is a statistics report, you must configure an Archer Record Statistical Monitor instead. This is because the two reports return different XML schemas, so a specialized monitor is required to correctly parse the XML and count results.

Certification environment

Date tested: May 2026

Product Name	Version Information
Archer	2025.12