Historic "Stale" Data Purge - Is There A Way?

CWaters · April 5, 2023, 6:50pm

Good afternoon, all.

I’m sure the answer is “delete the asset”, but is there a way to get rid of stale data on an asset for both Vulnerability and CIS Scans?

For instance…

server.windows.com used to be CIS scanned with “Policy 1”. We have migrated that server to be scanned with “Policy 2”. Is there a way to purge the “Policy 1” data that shows with the asset?

The same for vulnerability scans would be nice, but I presume no matter how you would try and purge the historic data, if/when that data is purged, it would also purge the vulnerability history as well?

That is basically what we are trying to avoid for the Vulnerability scans. Any kind of purging of assets, deleting old Vulnerability data. The CIS scans wouldn’t matter, as they would now just be scanned on the current version.

Thank you for the information.

john_hartman · April 5, 2023, 7:58pm

Most likely your answer would be in data retention settings Database Backup, Restore, and Data Retention | InsightVM Documentation

brandon_mcclure · April 5, 2023, 8:06pm

I remember hearing during a webinar that Rapid7 had on Policy scanning and it was said at that time be careful of the scope of your policies because if you use the wrong one on an asset the only way to clear that history was to delete the asset because of how the database is. But things might have changed since that came out