This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

A new Flexera Community experience is coming on November 18th, click here for more information.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Anomalies with endpoint scans

GerrySeaye
By
Level 2

Hi all...

First time poster. We have introduced Flexera Software Vulnerability Manager to our environment and hoping someone can help me or advise who I should contact. 

When we go through are scan results we are noticing some anomalies.  For instance we have a number of endpoints reporting they have a licensed product Adobe photoshop but the program does not exist on the machine.  We have a good example here where it has reported the last scan on the endpoint was 14 hours ago however this machine has been offline for 11 days. 

Note: we are running agentless, if that matters.

Any ideas?

Thanks,

Gerry

‎Jul 30, 2020 01:41 AM

Preview file
209 KB
0 Kudos
(3) Replies

SimonEdwards
By
Flexera Alumni

HI Gerry

Thank you for your community posting.

Could I ask if you are using SCCM Inventory import? If you are using SCCM import SVM will report based on the last inventory scan for the machine which could still show a machine that has been offline for days as it will take the last inventory.

We would recommend deploying the agent as this gives a more accurate scan.

Regards

Simon Edwards
Senior Technical Support Engineer
SVM SUpport

 

Simon Edwards
Senior Technical Support Engineer
SVM Support

‎Aug 03, 2020 10:11 AM

GerrySeaye
By
Level 2
In response to SimonEdwards

Thanks for responding Simon.


Sorry, but my team members are very new to this environment. How can we confirm this?

Thanks,

Gerry

 

‎Aug 06, 2020 02:52 AM

0 Kudos

SimonEdwards
By
Flexera Alumni
In response to GerrySeaye

Hi Gerry

The easiest way for you to confirm the difference between SCCM Inventory import scans and using the agent, is to run the agent on an affected machine and compare.

Firstly make a note or export a report on the affected machine first from the SVM Console, then download the agent with Token to the affected machines desktop from the SVM Console and using a command prompt as an administrative user run the CSIA.EXE from the command prompt, using the following command   csia.exe -c -v -v -v -d "c:\scanlog.log"  This will perform a scan with verbose logging.  The logging will show all of the software detections and their file paths.

You can then compare the scanlog against the report you produced earlier.

Regards

 

Simon Edwards
Senior Technical Support Engineer
SVM Support

Simon Edwards
Senior Technical Support Engineer
SVM Support

‎Aug 06, 2020 05:54 AM

Top Kudoed Authors
View all