I was wondering if someone could explain how to go about making sure an Upload Software Scan policy completed successfully. Currently we have 4 of these action policies running to divide up our endpoints, and all but one of them are reporting computers and completion percentages. I have checked the parent initiate software scan policy and it looks to have ran and completed successfully. It maybe nothing but it seems weird to me that all of them would have completion times except for one. See below.
Do you have access to the endpoint inorder to run the relevances on QnA tool? That would pinpoint the exact problem.
If you want to troubleshoot on the console itself, you can run the task âAnalyze the Relevance of a Fixlet or Taskâ and select âUpload Software Scan Resultsâ. This will create an analysis using which you can check the endpoint group having issues.
I can do that I guess, but I was thinking more along the lines of there being a log file I could parse to maybe locate an âuploadâ entry, or maybe check the client itself for the actual files that the initiate software scan action gathered.
If the upload succeeded wouldnt those files be cleaned up once uploaded to the root server? Also is it normal not to see a percentage\device count for the open action itself? I would think if it ran then those entries would be there.
Not seeing a percentage / count for the results usually means that the action is dynamically-targetted and was not relevant to any computers.
The âUpload Scan Resultsâ fixlet is, I believe, only relevant if the endpoint has completed a scan and has new results (since the last âUpload Resultsâ executed). Have these endpoints finished a scan, and do they maybe overlap one of the other âUpload Scan Resultsâ groups?
It looks like an upload for the selected devices should be valid as the last scan date shows being on the 14th (we are -4 to UTC time) as it should be. I have verified that these devices are not in any other upload action group.
Ok, so I did some more testing and it looks like Relevance 2 from the Upload Software Scan Results action is returning False on this group of machines. Can anyone tell me what the below relevance language is looking for?
Itâs checking for the presence of the file âsoftware_scan_result.readyâ in the results folder (which should be __BESData\LMT\CIT). This file is created by Task 2 âInitiate Software Scanâ when the scan completes. Check whether the file is present, and if not there may be a problem with the last run of âInitiate Software Scanâ (like the agent restarting or client rebooting during a scan before the results are stored)
In addition to that, also activate and check the âSoftware Scan statusâ analysis. If will show whether the scan was successful or not. Do remember that Initiate Software Scan showing completed does not mean that the scan was successful. It just means that the scan was successfully initiated.
The analysis will show you more relevant information.
1 Like
Sorry guys about not posting back sooner. Had some others things take priority. I am trying to troubleshoot further now confirming the Initiate Software Scan policy has ran successfully. I am now trying to run the Force Reupload of Software Scan Results task on a couple test devices, but every time I run the action the device show as Not Relevant. I used QnA to narrow down the issue and it looks like Relevance 5 is the culprit. Can someone shed some light on what it is looking for?
(exists ((folder (if (exists value of settings âCIT_Scanner_OutDirâ of client) then (value of settings âCIT_Scanner_OutDirâ of client) else (if (name of operating system as lowercase starts with âwinâ) then ((if (version of client >= â9â as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of regapp âbesclient.exeâ)) & â\LMT\CITâ) else ((if (version of client >= â9â as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of parent folder of client folder of site âactionsiteâ)) & â/LMT/CITâ)))) whose ((exists file (computer id as string & â_cit.xml.bz2â) of it) or (exists file (computer id as string & â.xml.bz2â) of it) or (exists file (computer id as string & â_isotag.zipâ) of it) or (exists file (computer id as string & â_isotag.tar.gzâ) of it) or (exists files whose (name of it ends with âslmtag.zip" or name of it ends with âslmtag.tar.gz") of folders âslmUploadDirâ of it)))) OR (exists ((folders (if (exists value of settings âCIT_Scanner_OutDirâ of client) then ((value of settings âCIT_Scanner_OutDirâ of client) & â/sharedâ) else (((if (version of client >= â9â as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of parent folder of client folder of site âactionsiteâ))) & â/LMT/CIT/sharedâ))) whose ((exists files whose (name of it ends with ("â & computer id as string & âcit.xml.bz2")) of it) or (exists files whose (name of it ends with ("â & computer id as string & â.xml.bz2â)) of it) or (exists file whose (name of it ends with ("â & computer id as string & â_isotag.tar.gzâ)) of it)))) OR (exists folders (if (exists value of settings âCIT_Scanner_OutDirâ of client) then ((value of settings âCIT_Scanner_OutDirâ of client) & â/sharedâ) else (((if (version of client >= â9â as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of parent folder of client folder of site âactionsiteâ))) & â/LMT/CIT/sharedâ)) whose (exists file (computer id as string & â_scanneddisks.csv.tar.gzâ) of it))
Did you check the âSoftware Scan statusâ analysis? Looks like there are no scan results to upload.