Hi. I have recently performed a detailed discovery scan against one asset, it completed successfully but I am not seeing any details for services, tasks etc etc. Scan was completed three hours ago.
Is it normal to take a long time to get this information populated? Are there any logs I need to check to see why I am not seeing the details yet?
Best answer by GloriaB
Hi
I would verify the scan account permissions. Please refer to BeyondTrust Discovery Agent scan account permissions.
Refer to Scanner logs section in the following article: How to generate a Support Package and gather logs (on-prem and SaaS)
Hi
I would verify the scan account permissions. Please refer to BeyondTrust Discovery Agent scan account permissions.
Refer to Scanner logs section in the following article: How to generate a Support Package and gather logs (on-prem and SaaS)
Thanks GloriaB. If it’s a permission issue then would it be logged in the logs as what exact permission is missing?
Hi
How to enable advanced logging for the BeyondTrust Discovery Agent (KB0017067). I would suggest just scanning one of the targets that is failing so it easier to follow in the logs, then search the xxxx_Pheonix.Service.[date].log for keyworks like failed or error. A few examples are:
It should have local admin permissions. To perform the enumerations, it needs to connect to the built-in $IPC share, install the discovery agent service, make remote WMI and registry calls, etc. (see the scan account permissions link Gloria posted above).
Also check the remote UAC permissions, Windows firewall, and NTLM settings, these can sometimes cause the local enumerations to fail. For more information please see the following KB:
Configuring Windows hosts for Discovery scanning
Let me know if any of these help resolve the issue.
Regards,
Donnie
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
