Automated Scan Info Tab: Scan to Feed Difference Wrong

CyberSecDef / scans2reports

An ACAS/SCAP/CKL scan parser and report generator

GNU Lesser General Public License v3.0

18 stars 3 forks source link

Automated Scan Info Tab: Scan to Feed Difference Wrong #58

Closed sagansapien closed 4 years ago

sagansapien commented 4 years ago

Per plugin 19506

Plugin feed version : 202002072110 Scan Start Date : 2020/2/10 13:18 UTC Scan duration : 434 sec

Automated Scan Info Tab:

202002072110 2020/2/10 13:18 UTC 434 sec

Scan to Feed Difference: 19

Should be 3.

sagansapien commented 4 years ago

The same host on the Asset Traceability tab has the following:

ACAS Scanner Version: 8.6.0 ACAS Feed Version: 202002260830 ACAS Start Date: Thu Feb 27 13:08:52 2020 ACAS Days between...: 1

This feed version matches results from OTHER hosts in the nessus file. We're getting hosts crossed up as well.

CyberSecDef commented 4 years ago

"We're getting hosts crossed up as well."

Can you explain that in more detail?

sagansapien commented 4 years ago

The results from each tab for the same hostname appear to relate to different hosts. Everything but the scan to feed difference (19) is accurate on the Automated Scan Info tab after reviewing the source data for that host. All of the data for the same host on the traceability tab is incorrect and appears to relate to a different host altogether.

CyberSecDef commented 4 years ago

just the traceability tab and the date difference is incorrect on both the automated scan info tab is more-right

CyberSecDef commented 4 years ago

This appears to have been resovled via the engine re-write