Resolving issues with discovery results is an iterative process:
- Configuring and running Scan Jobs
- Review results of Scan Jobs in IT Explorer and Scan Logs and Results
- Refine Scan Jobs until the environment has been completely discovered
- Reviewing the findings and extending the Scan job scopes / Blacklisting low-interest processes / Adding Fingerprints and Templates to model the environment more accurately
IT Explorer
Scan Logs
A Scan Log allows displaying the information about the scan per IP Address.
Columns can be sorted and allow to quickly identify things like IP addresses taking a lot of time to be scanned, or IPs where credentials didn't provide access to target systems.
|
Scan Status |
Description |
Category |
Action Required by |
Action |
|---|---|---|---|---|
|
Success |
|
Scanned |
None |
None |
|
NoConnection |
System is pingable, but has none of the required port(s) allowing to connect to it |
Not Scanned |
Customer |
Check firewall ports, |
|
CredentialFailed |
Authentication failure |
Not Scanned |
Customer |
Check Credentials |
|
InsufficientPriviliege |
Credentials do not allow to execute the commands required to generate a guaranteed unique and durable CI identifie |
Not Scanned |
Customer |
Check Credentials |
|
ScanFailure |
Unrecoverable or unexpected errors, untrustable Ids, missing key CI’s, or timeouts / aborted target scan |
Not Scanned |
ServiceProvider |
Check Logs |
|
SkippedAsSameAs |
Target has already been scanned in same Scan Job, via a different IP@, ie scan result has already been sent to the Cloud. |
Skipped |
None |
None |
|
ConnectionFailed |
Unexpected error happened during connection, ie error is different than InsufficientPrivileges or CredentialFailed (incorrect credentials). |
Not Scanned |
ServiceProvider |
Check Logs |
|
UnusableConnection |
Target has been successfully connected, but some 'services' (like RPC) are missing on target, thus preventing a successful scan |
Not Scanned |
Customer |
Check firewalls and/or target system health |
|
NoAnswer |
Target unreachable |
Not Scanned |
Customer |
Check Scope, Firewalls, is device turned on? |
|
NoCredential |
Target identified and type identified (ie Unix, Windows, etc), but no corresponding Credential in ScanJob config |
Not Scanned |
Customer |
Check Credentials |
|
Unknown |
Unexpected condition. |
Not Scanned |
ServiceProvider |
Check Logs |
|
PartialScan |
Target has been successfully connected with appropriate privilege levels and a trustable target identifier has been generated, however, some data has not been collected, like Disks, FileSystems, processes, Connections, etc. |
Not Scanned |
ServiceProvider |
Check Logs |
|
SkippedAsWorkStation |
|
Skipped |
None |
None |
|
SkippedAsExcluded |
Target is in list of excluded IPs |
Skipped |
None |
None |
|
Aborted |
|
Not Scanned |
ServiceProvider |
Check Logs |
|
NoResult |
No scan result received by iQCloud |
Not Scanned |
ServiceProvider |
Check Logs |
|
CredentialNoLongerWork |
Credendial no longer works. |
Not Scanned |
Customer |
Check Credentials |
|
LockedAccount |
Connection was not established due to too many authentication failures |
Not Scanned |
Customer |
|