Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Troubleshooting Scan Issues

Troubleshoot scanning issues in your network by investigating logs, error, and warning messages.

Slow Response Time from Scanned Host

Deploy the JSA Vulnerability Manager scanning appliance relatively close to the assets that you are scanning. Use commands such as traceroute to ensure that packets are reaching the asset in less than 50 ms, otherwise scans might take a long time.

Check Status Of Scan Tools

If your scans are running for a long time, and you want to know what tools are running, place the cursor over the scan progress percentage on the scan results page to display a popup window, which shows you the active tool.

Patch Scan is Not Connecting to a Linux Asset

If the patch-scan tool is not connecting to a Linux asset, a yellow triangular warning icon is displayed next to the asset in the scan results.

You might see the SSH Patch Scanning - Failed Logon error message.

Validate the user name and password. If you are using public key encryption, check the public key.

To scan Linux operating systems by using secure authentication, configure public key encryption between your console or managed host and your scan targets. Non-root user accounts must have the permissions to run the commands that JSA Vulnerability Manager requires to scan for patches on Linux and UNIX computers. For more information, see Authenticated Patch Scans.

Local Checks Error

If the patch scan tool cannot connect to a Windows asset, a yellow triangular warning icon is displayed next to the asset in the scan results.

You might see the Local Checks Error error message, which means that the authenticated scan failed.

You can configure credentials in the scan profile or in centralized credentials. If the scanner is scanning Windows-based hosts, the following three windows services that must be configured correctly:

  • Remote registry

  • Windows Management Instrumentation (WMI)

  • Admin shares

For more information, see Scanning on Windows-based Assets.

Same Vulnerability Titles for Different KBs

If the KB for a bulletin is superseded by a KB in a future bulletin the vulnerability title does not change.

Stalled Scan

If the scan is stalled or the scan is intermittent, an authorized user can log on to the scanner and verify the connectivity with the scan processor. Check the JSA Vulnerability Manager error logs for connection errors.

UDP Port Scan Takes a Long Time

If a scan policy is configured to scan all UDP ports, the scan might take a long time to complete, especially if the target host has several closed UDP ports. For PCI compliance scans, you are not required to scan all UDP ports. For more information, see Scan Duration and Ports Scanning.

Number of Assets Scanned Warning

If you see the following warning message on the Scan Results screen, your scan performance and scan results are not affected:

Warning:

You have scanned <number> assets but are only licensed to scan <number> assets. License Update Required!

Note:

You might need to check your JSA Vulnerability Manager license to verify how many assets your license permits you to scan.

Related Documentation