Just simple query of an asset not scanned with in 30 days or 30 days +
I’m not sure about a SQL query, but this article (https://blog.rapid7.com/2017/07/11/cleaning-house-maintaining-an-accurate-and-relevant-vulnerability-management-program/) talks about creating an Asset Group of devices not scanned in a timeframe, then you could just pull the Assets in that grroup
If you just want a query to get assets that haven’t been scanned for vulnerabilities in the past 30 days, you could do something like this:
SELECT host_name, ip_address, mac_address, last_assessed_for_vulnerabilities FROM dim_asset WHERE last_assessed_for_vulnerabilities < (current_date - 30) ORDER BY last_assessed_for_vulnerabilities
If you want all the
dim_asset fields rather than just a subset you’d do
SELECT * instead.
Holley YES! Thank you so much this is what i was looking for. I didnt even think about the “assessed” I was thinking last scan date. Thanks again!!