Investigation failed: SCAN_START

I have a few false positive vulnerabilities reported for our Linux servers with IVM agent. I am trying to schedule investigations and it is failing to start.

I see this in the nsc.log :-
Couldn’t start investigation scan: the scan does not have the targets to scan.
Verify targets are not excluded by the site or in the global asset exclusion list

I have a shared credential for SSH authentication and I have verified the credential works for the host I am investigating. this shared credential is accessible to all sites

I added the host to a sample site and I am able to do a network scan. But why am I not able to reinvestigate the vulnerability ?

For the error you are getting it shouldn’t have anything to do with the credentials so you should be good there. Basically the agent was probably reporting an IP that was not defined in any site.

After adding that defined IP to a site though, you should have been able to kick off a new investigation. When you go to the Asset Page, how many IPs are listed for that server? Typically speaking the scanner should try all of the IPs listed if there are multiples.