IBM Support

IV89408: QVM SCANS UNEXPECTEDLY DISPLAY A ZERO VULNERABILITY COUNT AND NO ASSETS CREATED FROM THOSE SCANS

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • It has been observed that after running a large volume of scans
    with Vulnerability Manager that the Scan Results screen shows
    zero for all columns.
    
    The columns are:
    Assets
    Vulnerabilities
    Vulnerability Instances
    Open Services
    
    If the scan detected new assets, an additional symptom is that
    the new assets are not created in QRadar's Asset Model.
    
    QVM has a result aggregation process, driven from DB function
    report_buildreports which occurs after each scan instance
    completes.
    This aggregation process parses one set of scan results per
    minute. Therefore with a very large volume of scans the
    aggregation process may fall behind.
    

Local fix

  • Please contact support for a workaround that may help under some
    circumstances.
    

Problem summary

  • This issue was resolved with QRadar/QRM/QVM/QRIF 7.2.7 Patch 4
    

Problem conclusion

  • This issue was resolved with QRadar/QRM/QVM/QRIF 7.2.7 Patch 4
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV89408

  • Reported component name

    QR VULNERABILIT

  • Reported component ID

    5725QVMSW

  • Reported release

    727

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-09-23

  • Closed date

    2016-10-25

  • Last modified date

    2016-10-25

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QR VULNERABILIT

  • Fixed component ID

    5725QVMSW

Applicable component levels

  • R727 PSY

       UP

[{"Business Unit":{"code":"BU008","label":"Security"},"Product":{"code":"SSHLPS","label":"IBM Security QRadar Vulnerability Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"727","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
25 October 2016