1 Reply Latest reply on Jan 26, 2017 4:25 AM by phoffmann

    CVDETECTED Table

    talk2neeraj2k7 Apprentice

      Hi Everyone,

       

      Lets say there is a Vulnerability ID 'X', and it is being detected on 'Server1' as per record in CVDETECTED table, next day I patched 'Server1' that vulnerability X clears out (now it no longer shows that Server1 is vulnerable to X as it got fully patched), That record in CVDETECTED table gets cleared. So my doubt is after 1 week or 1 month if I want to report that what Vulnerabilities 'Server1' was vulnerable to? How can I report that? Is there any table where this information gets stored may be for sometime?

      I understand that we can see the 'Patch History' table where it shows that all the patches those got successfully installed  or failed and on what date. However 'Patch History' table only shows 'Patch', but I am trying to report on 'Vulnerability ID' as that is the most recommenced way to report on. Reporting based on Patches get very messy and complicated as per the information I have learned and experienced from excellent community posts written by @ Paul Hoffmann

       

      Thank you,

        • 1. Re: CVDETECTED Table
          phoffmann SupportEmployee

          We don't keep a historical view of "here's what you were vulnerable to 1 month ago".

           

          But you can run a report on what you've been patching in the last time. I've documented something like that here:

          - Getting started with Patch Reporting (SQL, Tables & such)

           

          ... that'll give you a good insight into what information is where. And especially the heading/chapter III.A - Request 1 - a "Query that allows you to see what Patches have been pushed to any particular machine." in the article sounds like exactly the sort of thing you're trying to achieve.