4 Replies Latest reply on Sep 20, 2017 11:24 AM by LANDeskWizard

    Reporting on CSA Usage




      We have a functioning CSA now and wanted to do some kind of reporting on how many machines are patching/posting inventory etc via the CSA.


      Can anyone suggest any methods for compiling this information ?

        • 1. Re: Reporting on CSA Usage
          phoffmann SupportEmployee

          You can parse the IIS logs for the WSVulnerability service on the Core (i.e. - anything with "wsvulnerability" in it) for distinct IP's and go from there? That may be the easiest way (and then removing known "internal" network client IP-s).


          There's logs on the CSA that you can review, but since I don't have a CSA on hand, I can't show you much here other than point towards them.


          What's the purpose here - "justifying" the setup of the CSA as it were, or is this more of a "hey, we know we have 200 clients that never go on the corporate network - we need to make sure that they're scanning in properly".


          If it's the latter, you COULD just run a simple LANDesk query with the "Last vulnerability scan date" being either a filter field or a column field.


          For instance, to show you devices that scanned in the last 30 days, you can use this as your search condition:



          Or in text-format, something like this:

          "COMPUTER"."Last Vulnerability Scan Date" > "GetDate()-30"


          ... and/or filter then on known roaming devices, for instance, etc.


          Depends on what you're actually in need of (and why) . More context == always good.

          1 of 1 people found this helpful
          • 2. Re: Reporting on CSA Usage

            Thanks for your reply, yes the purpose here is more along the lines of justifying the setup and understanding what value we're getting out of it.


            I can take a look at the IIS log idea, but would prefer something out of the box if available.


            I notice in the Clean/Repair history info for a particular client that it notes the machine was "validated via CSA" so wondered if that data might be aggregated somewhere.

            • 3. Re: Reporting on CSA Usage
              phoffmann SupportEmployee

              If you include a screenshot of what you're talking about, that'd help locating it .


              Chances are, I may have covered the relevant tables in this place though -- Getting started with Patch Reporting (SQL, Tables & such) -- worth having a look .

              • 4. Re: Reporting on CSA Usage
                LANDeskWizard SSMMVPGroup

                esirvys You can look at file "C:\Program Files\LANDesk\ManagementSuite\BrokerServiceActivity.log", on the core server, for information on what is being done via the CSA. I think this will provide the information you are looking for to justify. While it is not in the best of format, I am sure there may be a way to extrapolate it into something that can be easily presented.

                1 of 1 people found this helpful