Rizwan Bedekar

Compliance Restricted Scanning by Policy

Discussion created by Rizwan Bedekar on Dec 24, 2019
Latest reply on Dec 30, 2019 by Rizwan Bedekar

After running a restricted scan for only specific policy, all the existing reports for other policies returned empty values. Even the Policy Summary drop down didn't listed all the Policies.

 

Unix hosts were scanned with Policy for windows selected in Option profile.

 

Only way to get data back was to re-scan all the assets. Could some one confirm if this is expected behavior?

 

This has caused a lot of trouble as the Posture ID for all the compliance record got modified and almost all the records are duplicated in our GRC tool.

Posture ID was used as compliance tracking ID for record and every time the Posture API ran, the compliance status was updated in GRC tool against the ID. Change is posture ID has impacted the functionality via API as GUI doesn't create duplicate records. 

The compliance API seems to be very unreliable. Many things are resulting in duplicate records. 

 

It would be helpful to add posture ID in the Policy reports from GUI.

Outcomes