I’m not a big SQL user, but we’ve been trying to make projects for our sysadmins, and while it provides some information, it doesn’t provide the report they find useful to perform their duties. In discussions, we’ve found that a perfect report would contain the following:
A report based on the Solutions ID (which may actually be “nexpose_id”?) (ie; msft-kb4022717-7b6c010d-36ea-4bb4-9d06-9e44c1235690) – For these reports, we wouldn’t mind editing the SQL query each time to contain the specific solution, or if possible, contain a multitude of solutions. Each solution (whether one solution in the query or multiple) needs to be accompanied by the following information:
- Solution Summary (ie; 2017-06 Security Only update…)
- Solution “FIX” (Ie; download and apply patch from website.com)
- Vulnerabilities that are remediated with Solutions ID (IE; Microsoft CVE-2017-8464: LNK REMOTE…)
*** Asset Information:**
Asset names, Asset IP, Asset Operating System (Microsoft Windows Server 2016), Asset OS Version (1067,SP1...), Asset OS Product (x86_64), Asset OS Vendor (Microsoft,Linux)
Thank you for any help; after a few months of back and forth, we hope to move forward with a report that will help target our biggest issues with items that both teams need to progress.