In distributed scan engine environment one of scan engine update is failed its content version is older than the other scan engines. How to resolve this issue
You can open a support case. They can usually reset the scan engine state on the backend. I hope this helps.
Yes, I have opened a case.But is there any checks that should be done to detect the exact issue.
No, you basically can do nothing. They just need the ID of the SE if I remember well, to be able to identify and reset it.
Is it a Rapid7 hosted engine or on-premise?
If it’s on premise, check you have enough disk space and if you have antivirus check it isn’t deleting anything (e.g. from the staging directory).
In the past I’ve found it easier to just reinstall the scan engine rather than figure out what’s wrong. If you don’t have any custom scan content that should be fairly straightforward.
Ok,So we need to reset scan engine means reinstallation or reboot.
So what should be checked on console portal before reinstallation.
What parameters needs to be verified before uninstall & reinstall process.
Actually I think “repair” would be a better word.
I thought R7 had some doco on this but apparently not. Have you seen the troubleshooting info here?: Troubleshooting | Nexpose Documentation
This has worked for me in the past, but at your own risk…
- stop the nexpose service
- delete the ‘stagingFileData’ and ‘pending’ directories under rapid7/nexpose/updates/
- download and run the installer - should detect the installation and give you the option to run a “repair” install.
- restart the service
If it doesn’t detect a current install and you do a clean install then you’ll probably need to pair it to the console as a new scanner and do any changes to the scanner pools/sites depending on your setup, in that case I’d probably exit and wait for support. Also, I don’t have any custom checks, but if you do I believe they’ll be blatted by the installer.
We encountered this problem at the start of December, and even after reinstalling the engine, we are still facing the same issue. Has anyone discovered a solution for it yet? Many thanks!
Hi, Did you ever get this solved? I’ve got exactly this problem - I ran a repair on the console which updated the scan engine but then still refused to update from that point.
Hello, I’ve resolved this a week after some troubleshooting.
After the repair, you’ll need to link it again with your InsightVM console IP, then you need to make sure that you consoles.xml is enabled and then connect it with your InsightVM using shared secret key.
We use reverse pairing, if you do, this should fix your issue: Post-Installation Engine-to-Console Pairing | InsightVM Documentation
OK, thanks - it looks like mine is a slightly different problem. We’ve got the console and 40+ scan engines. All the scan engines are updating fine - the problem with ours is the console and local scan engine aren’t updating. We ran a repair with R7 support back in December which updated the console to the version in the installer, but it hasn’t then continued to update since. No errors that i can find in the logs and no apparent firewall issues that might be blocking it. I’ve got a ticket logged with R7 support so I’ll see how that goes.
No problem! Have you checked the nexposeengine service to review the logs or verify if it can communicate properly with your console? Best of luck! 
Thanks for the update - I’ve been through the nse.log and nsc.log files and there’s nothing obvious (although i’m no expert on these logs). I did find entries in the update.log file that show it successfully connecting and just saying 0 updates available for product X, 0 updates available for product Y. It appears to all be OK and for some reason appears to think it’s already up to date. This effectively matches the message i see if i click the Manual Update button or run ‘update now’. Escalated with R7 Support so I’ll update the solution when we get one in case it helps anyone else.