4 Replies Latest reply on Sep 20, 2017 11:24 AM by LANDeskWizrd

    Reporting on CSA Usage

    esirvys Rookie



      We have a functioning CSA now and wanted to do some kind of reporting on how many machines are patching/posting inventory etc via the CSA.


      Can anyone suggest any methods for compiling this information ?

        • 1. Re: Reporting on CSA Usage
          phoffmann SupportEmployee

          You can parse the IIS logs for the WSVulnerability service on the Core (i.e. - anything with "wsvulnerability" in it) for distinct IP's and go from there? That may be the easiest way (and then removing known "internal" network client IP-s).


          There's logs on the CSA that you can review, but since I don't have a CSA on hand, I can't show you much here other than point towards them.


          What's the purpose here - "justifying" the setup of the CSA as it were, or is this more of a "hey, we know we have 200 clients that never go on the corporate network - we need to make sure that they're scanning in properly".


          If it's the latter, you COULD just run a simple LANDesk query with the "Last vulnerability scan date" being either a filter field or a column field.


          For instance, to show you devices that scanned in the last 30 days, you can use this as your search condition:



          Or in text-format, something like this:

          "COMPUTER"."Last Vulnerability Scan Date" > "GetDate()-30"


          ... and/or filter then on known roaming devices, for instance, etc.


          Depends on what you're actually in need of (and why) . More context == always good.

          1 of 1 people found this helpful
          • 2. Re: Reporting on CSA Usage
            esirvys Rookie

            Thanks for your reply, yes the purpose here is more along the lines of justifying the setup and understanding what value we're getting out of it.


            I can take a look at the IIS log idea, but would prefer something out of the box if available.


            I notice in the Clean/Repair history info for a particular client that it notes the machine was "validated via CSA" so wondered if that data might be aggregated somewhere.

            • 3. Re: Reporting on CSA Usage
              phoffmann SupportEmployee

              If you include a screenshot of what you're talking about, that'd help locating it .


              Chances are, I may have covered the relevant tables in this place though -- Getting started with Patch Reporting (SQL, Tables & such) -- worth having a look .

              • 4. Re: Reporting on CSA Usage
                LANDeskWizrd SSMMVPGroup

                esirvys You can look at file "C:\Program Files\LANDesk\ManagementSuite\BrokerServiceActivity.log", on the core server, for information on what is being done via the CSA. I think this will provide the information you are looking for to justify. While it is not in the best of format, I am sure there may be a way to extrapolate it into something that can be easily presented.

                1 of 1 people found this helpful