1 Reply Latest reply on May 28, 2011 10:04 AM by Catalysttgj

    LDMS 9 tables CVDetected and ComputerVulnerability


      Does anybody knows what are this tables for? What is the use of each one and what are the differences in utility?



        • 1. Re: LDMS 9 tables CVDetected and ComputerVulnerability
          Catalysttgj Expert

          I believe CVDetected is the new table that was introduced in 9 that more represents the real time state of the environment based on last vulnerability scans.

          So every patch that is "DETECTED" during a day of scanning will appear in here, and for that matter stay in here, i believe until its patched and no longer detected. Now, when Gatherhistory runs, it will basically copy/move this information into the Computervulnerability table where it retains a certain amount of history determined by how long the gatherhistory process is told to retain it. It used to be that everything went straight into Computervulnerability. Now, its split into a sort of real-time bucket and a history bucket, so if you want to get up to the minute accuracy on your reporting of the state of any patches, you'll either have to generate your report immediately after gatherhistory is done, and then your reporting will be accurate if all it looks at is the Computervulnerability, OR.. if you intend to be able to just run a report any old time, you'll need your reporting to look at BOTH CVDetected and Computervulnerability together, which will most likely  be a pain to query!


          BTW, table translation from LDMS to SQL is:

          "Security and Patch definitions" = Computervulnerability (might also have something to do with "Patch and Compliance Definitions, but not sure!)

          "Detected Patch and Compliance Definitions" = CVDetected



          Hope that helps ya!