I’m having trouble scanning servers that have DCHP pools that they pick from. Basically every week or 24 hrs these servers pick up new IP. I have them by hostname in asset group attached to schedule, but it’s been ongoing for a little while and all my scan history gives me is 0 scanned. Then i find that the servers are in Insightvm but have not been scanned or old ips are just sitting there? How do i clean up the noise, how do i get them to scan??
Asset groups will only pick up existing assets and scanning with one would use the existing information for each of the assets so I don’t think that this would work for your use case . Asset correlation should be able to handle correlating based on the hostname though. Does a full scan of the network range provide better results or is there a correlation issue there?
The exception to the above would be if the scope for the site was defined with hostnames instead of IP addresses/ranges, in which case resolution of hostnames happens at the start of the scan. I was assuming that you are using net ranges for site scopes.
@tyler_schmidtke I haven’t tried just to scan by network range; if I do I’m guessing just put the network ranges on a scheduler and let it scan like that; it should pick up the ips at that time correct? Is that what you are recommending to me?
The scope i laid out in a asset group dynamic to be exact; i was able to pick up servers 1-15 by host name in the asset group and that how i have them on scheduler now- but of course its not scanning them.
Yup - I’d recommend trying to scan the whole DHCP range (or the specific one you care about for now) if you can. The console should do some correlation based on hostname and other data gathered. If you’re making use of schedules to scan segments of the site’s scope, then I’d try putting the subnet ranges that you want for the schedule in there.