IBM Support

IBM Security Guardium: Vulnerability Assessment shows no results.

Troubleshooting


Problem

When you run a Vulnerability Assessment ("Harden > Vulnerability Assessment > Assessment Builder"), no results are returned, but the Guardium™ Job Queue ("Harden > Vulnerability Assessment > Guardium Job Queue") shows the assessment was completed.

Completed assessment

Symptom

When you check the result section of the desired Vulnerability Assessment, the report shows no results. However, it displays one message similar to the below.

RECOMMENDATION_TEXT: None of the tests in this assessment had the necessary data available to run to completion.  Make sure the testing environment is configured correctly, and then run the assessment again.

No tests ran to completion, therefore there is no overall score. Please check the execution log for configuration issues before re-running the assessment.

Cause

There are no data sources configured for the Vulnerability Assessment.

Environment

Any IBM Security Guardium™ appliance with the Vulnerability Assessment feature licensed.

Diagnosing The Problem

Running the application debugger is not effective in this scenario, as the Vulnerability Assessment completes without error messages or exceptions, and the Guardium Job Queue Report shows a successful execution.
 

The correct troubleshooting is to verify the result log for the Assessment run (open the Security Assessment of interest from the "Harden > Vulnerability Assessment > Assessment Builder" menu of the GUI, then click on "View Results"), as it shows the data sources the tests were run against:

Results screen

image-20210906152644-6

Irrespective of the slight differences in the view depending on the product version you are using, if the results view shows an empty list of data sources, that is the cause of the problem.

Resolving The Problem

1. Go to the Assessment builder GUI section ("Harden > Vulnerability Assessment > Assessment Builder").

image-20210906152644-7

2. Select the affected Vulnerability Assessment and click the "Edit selected Assessment" button (image 11458).

image-20210906152644-8

3. At the "Datasources" section of the "Security Assessment Builder" window, check what data sources are linked with the Security Assessment object. If it is empty, you are facing the issue.

image-20210906152644-9

4. The solution for this situation, would be to add at least one data source or a data source group to the Vulnerability Assessment, by using the "Add Datasource" or the "Add Datasource Group" respectively.
Add datasource
5. After you add one or more data source, click "Apply".
Datasource added
6. Finally, run the Assessment once again. You should get results.

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z000000Gp0RAAS","label":"VULNERABILITY ASSESSMENT"}],"ARM Case Number":"TS005388204","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
18 October 2021

UID

ibm16486827

Page Feedback