Troubleshooting Scan Issues
Troubleshoot scanning issues in your network by investigating logs, error, and warning messages.
Slow Response Time from Scanned Host
Deploy the JSA Vulnerability Manager scanning appliance relatively close to the assets that you are scanning. Use commands such as traceroute to ensure that packets are reaching the asset in less than 50 ms, otherwise scans might take a long time.
Check Status Of Scan Tools
If your scans are running for a long time, and you want to know what tools are running, place the cursor over the scan progress percentage on the scan results page to display a popup window, which shows you the active tool.
Patch Scan is Not Connecting to a Linux Asset
If the patch-scan tool is not connecting to a Linux asset, a yellow triangular warning icon is displayed next to the asset in the scan results.
You might see the
SSH Patch Scanning - Failed
Logon error message.
Validate the user name and password. If you are using public key encryption, check the public key.
To scan Linux operating systems by using secure authentication, configure public key encryption between your console or managed host and your scan targets. Non-root user accounts must have the permissions to run the commands that JSA Vulnerability Manager requires to scan for patches on Linux and UNIX computers. For more information, see Authenticated Patch Scans.
Local Checks Error
If the patch scan tool cannot connect to a Windows asset, a yellow triangular warning icon is displayed next to the asset in the scan results.
You might see the
Local Checks Error error message, which means that the authenticated scan failed.
You can configure credentials in the scan profile or in centralized credentials. If the scanner is scanning Windows-based hosts, the following three windows services that must be configured correctly:
Windows Management Instrumentation (WMI)
For more information, see Scanning on Windows-based Assets.
Same Vulnerability Titles for Different KBs
If the KB for a bulletin is superseded by a KB in a future bulletin the vulnerability title does not change.
If the scan is stalled or the scan is intermittent, an authorized user can log on to the scanner and verify the connectivity with the scan processor. Check the JSA Vulnerability Manager error logs for connection errors.
UDP Port Scan Takes a Long Time
If a scan policy is configured to scan all UDP ports, the scan might take a long time to complete, especially if the target host has several closed UDP ports. For PCI compliance scans, you are not required to scan all UDP ports. For more information, see Scan Duration and Ports Scanning.
Number of Assets Scanned Warning
If you see the following warning message on the Scan Results screen, your scan performance and scan results are not affected:
You have scanned <number> assets but are only licensed to scan <number> assets. License Update Required!
You might need to check your JSA Vulnerability Manager license to verify how many assets your license permits you to scan.