Overview
This document describes the settings required to achieve the best possible scan results in Software Vulnerability Manager when the inventory data is provided by Microsoft Endpoint Configuration Manager.
Microsoft Endpoint Configuration Manager Software Inventory
The inventory agent is configured by a set of simple rules that govern which files are queried. To produce the best possible scan result using SCCM, the Software Vulnerability Manager uses a relatively broad pattern, which could lead to large amounts of data being collected. If all file data is collected, a file size of between 5 and 10 MB for a single host is not uncommon, and the SQL server must be dimensioned to handle this.
Prerequisites
Microsoft Endpoint Configuration Manager integration requires the following prerequisites:
Please note that on a standard machine there are up to 10 times more .dll files than .exe files, so when expanding the scope of the SCCM agent you should expect a similar increase in the size of the SQL database. By excluding the .dll files in the Windows folder, the expected database increase is 3-4 times.
Large Inventory Files
Since you are changing the SCCM software inventory to gather more metadata from your SCCM agent, you could run into an issue where the inventory files become too big.
All the large inventory files are from SCCM secondary servers, because the software inventory task is run against packages in DP folders. SCCM collects all the data, such as .exe and .dll files, in each application package.
If the full software inventory report from the client is larger than the configured maximum size (5 MB by default), then those files will be moved to the BadSINV folder.
Solution: Increase the maximum allowable size, which is defined in the registry key below:
HKLM\Software\Microsoft\SMS\Components\SMS_SOFTWARE_INVENTORY_PROCESSOR\Max File Size (the default is 5 MB), and wait for SMS Software Inventory Processor to retry the operation.
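The following read-only check is an added example, not part of the original document or of the product. It compares the files in the BadSINV folder with the configured limit so that the new value can be sized from real data. It assumes the registry value is stored as a byte count and that you supply the BadSINV folder path yourself (the -BadSinvPath parameter is hypothetical; this document does not give the path).

```powershell
# Added example: size the "Max File Size" increase from the rejected inventory files.
# Run on the site server. It only reads the registry and the folder; it changes nothing.
param(
    # Assumption: full path of the BadSINV folder; not stated in this document.
    [Parameter(Mandatory = $true)]
    [string]$BadSinvPath
)

$key  = 'HKLM:\Software\Microsoft\SMS\Components\SMS_SOFTWARE_INVENTORY_PROCESSOR'
$name = 'Max File Size'

# Assumption: the value holds the limit as a number of bytes.
$limit = [int64](Get-ItemProperty -Path $key -Name $name -ErrorAction Stop).$name

$files = @(Get-ChildItem -Path $BadSinvPath -File -Recurse -ErrorAction Stop)
$over  = @($files | Where-Object { $_.Length -gt $limit })

'Configured limit : {0:N0} bytes ({1:N1} MB)' -f $limit, ($limit / 1MB)
'Files in folder  : {0}' -f $files.Count
'Files over limit : {0}' -f $over.Count

if ($over.Count -gt 0) {
    # Smallest whole-megabyte limit that would admit the largest rejected file.
    $largest = ($over | Measure-Object -Property Length -Maximum).Maximum
    $needed  = [int64]([math]::Ceiling($largest / 1MB) * 1MB)
    'Largest file     : {0:N0} bytes' -f $largest
    'Minimum new limit: {0:N0} bytes ({1:N0} MB)' -f $needed, ($needed / 1MB)

    # Show the biggest offenders so the reporting hosts can be identified.
    $over | Sort-Object Length -Descending |
        Select-Object -First 10 Name, Length, LastWriteTime |
        Format-Table -AutoSize
}

# Files at or below the limit are not explained by the current size limit;
# raising "Max File Size" is not expected to help with those.
$under = $files.Count - $over.Count
if ($under -gt 0) {
    'Files not explained by the size limit: {0}' -f $under
}
```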
Configure System Center Inventory Import in Software Vulnerability Manager
To configure inventory import, navigate to Scanning - Remote Scanning Via Software Vulnerability Manager - System Center Inventory Import. Click on Configure System Center.
There are two options for configuring the connection between SVM and the Microsoft Endpoint Configuration Manager database:
1. Enter FQDN or IP address of your Microsoft Endpoint Configuration Manager server to automatically detect SQL settings
2. Enter your database details manually
Dec 22, 2020 06:29 AM