6 Replies Latest reply on Feb 27, 2008 3:52 PM by dvanderheiden

    detected vunerabilities by location report

    Apprentice

       

      Im unsure to what changes have been made but when i go to run this report by location and select ALL, it shows me about 7 pages of devices that have detected velerabilties by location. Where as usually i would see over 20. I have not patched machines since that last report showing 20 pages plus to now 7 pages. I see one device is requiring over 100+ patches but when producing this report it shows up as requiring just ONE patch?? what is going on? is it something to do with the location being a AD group instead of a group within LDMS. I think the reports were better when they were ran against ALL DEVICES- groups rather than AD groups? i think this could be my issue. im very confused at what has happened and cant pinpoint when the change was made to LDMS for this to happen.

       

       

      Any ideas?

       

       

        • 1. Re: detected vunerabilities by location report
          Expert

          This is a "By Location" Report, it has never been run against the "All Device" group as this is not a location. About the only thing that could have possibly changed from the previous report would be the AD locations listed under the "All" Option for this canned report. I am a bit confused by your statement that the one machine has over 100 vulnerabilities but only one is now listed? If you look at this machines vulnerabilities in the Right Click Menu Security and Patch Information Missing Patches it should match what is reported my this report unless you somehow have duplicate machine issues.

          • 2. Re: detected vunerabilities by location report
            Rookie

            Actually, I am also seeing this difference in the past few weeks.  One notable update I've made in that time is going from 8.7 SP4 to SP5 (though this may have happened prior to the service pack, it's a difficult thing to notice).  I can right-click on a machine and look at what updates went out to it today and see any number of updates that successfully installed (as with the original poster, some machines had over 100 in a day when we were setting up new machines).  Then I run the report either "remediated vulnerabilities by location" or even "remediated vulnerabilities by date" and it never shows any more than one update in the report per machine.  These used to be the only built-in reports I would use.

             

            Since I noticed the problem I had been worried that the database may have been corrupt.  I've used dbRepair, then coredbutil to clean out corrupted entries and rebuild the tables.  When that didn't resolve it, I even went so far as to clean out my entire database and start from scratch.  None of this was able to resolve the issue.  I have a feeling that the query the report runs somehow changed, but did not see any notes about it in the SP release.

            • 3. Re: detected vunerabilities by location report
              Rookie

              I was getting a similar problem. I am running 8.7sp4. I am looking at the 'Detected Vulerabilities by Computer'. I checked this with several computer. The report is showing only one vulnerability yet when I go to the Patch and Security Information for the individual computers I will have about a dozen patches or service packs. This discrepancy between the report and the Landesk Management suite console is disturbing.
              I ran and sent off this report to one of the end clients. At first I was pleased that he was so diligent in keeping his system patched. But I was suspicious and so I started looking around. Unfortunatly there were about a dozen patches that he needed that did not show up in the report. Quicktime, Adobe Reader8.12, Intel driver update and others are showing as needing to be patched in the Security and Patch information panel.
              We are having some problems with our database with some strange field names and computers that we cannot delete from the database. We are going to move to a new server hardware and Landesk 8.8 next month so we were going to start fresh. I assumed that the problems were with my system.

              • 4. Re: detected vunerabilities by location report
                Rookie

                I've spoken with some folks from LANDesk regarding this problem and it looks like this can be resolved by going into Patch Manager and scheduling the 'Gather Historical Data' task in order to update the reports.  There is also a hotfix for this (at least for 8.8) which can be obtained from LANDesk.  I haven't yet tried doing this, but should be able to test it this week.

                • 5. Re: detected vunerabilities by location report
                  Rookie

                  I tried the Gather Histrical Data task with no luck.  I am still getting the same problem as before.  We have a new server on order and we will be moving to the Landesk 8.8 next month so I don't want to spend to much time on this right now.  I might be back next month

                  TNX
                  Blair.

                  • 6. Re: detected vunerabilities by location report
                    Rookie

                     

                    After contacting LANDesk, I was provided with a patch for 8.7 SP5 which resolved the issue.  There is also a patch for 8.8, but I'm not sure if any others exist.  I tried the 'Gather Historical Data' before applying the patch which did not work.   If you call LANDesk, the name of the patch they provided me with was: AV-473287.5 and it referenced

                    CLEARQUEST NUMBER: CR4732

                     

                     

                    Hope this information helps.