[Solved] There is no data to display
-
File sent.
Here is some interesting data from that file.
Connecting to server: agent.vulndetect.com
[2018-09-20 15:48:19.361-0420] Server returned 401 =>
[2018-09-20 15:48:19.366-0420] Server response body: Unauthorized
[2018-09-20 15:48:19.367-0420] Failed to check in with server: Access is denied.
[2018-09-20 15:48:19.367-0420] Waiting 6 minutes before retrying
[2018-09-20 15:54:19.380-0420] Connecting to server: agent.vulndetect.com
[2018-09-20 15:54:20.364-0420] Server returned 201 =>
[2018-09-20 15:54:20.366-0420] Next scheduled check-in is in 1 hourThis suggests to me that I am being denied access to the data server for some reason. Any ideas why, or how to circumvent this?
Thanks!
-
I just tested on my system and it did work.
So I suspect you didn't approve the agent in the configuration. Try to do this with a Chrome based or Firefox browser.
-
2018-09-20T19:00:09.578Z services:inspection-service <DETAILSREMOVED> => finished processing 33972 files
I can see in the server log that your inspection completed processing a few minutes ago.
Can you see the result now?
-
I had tried Firefox, and Comodo is a Chromium based browser. But after this 4th Inspection, it has finally populated data. I started at 9 AM, then it Inspected again at 10 and 11, but as of my 12 PM PST it finally has applications listed. no matter which browser I check it in.
I have to assume this is something on the backend, because after my first 2 hours of troubleshooting and nothing changing, I have done nothing different, but now it's magically working. Maybe it's a traffic issue? I dunno. But as of now, and after its 4th scan, it is finally working.
So, thanks for pointing me in the direction of the Log file - I hadn't thought to search for one prior - as that is a good place to start should anything else happen again. But for now, I guess we can consider this resolved.
-
@insohmniac The 401 error in the log indicates that it wasn't approved.
But that being said, then I can see that we had backlog of processing about 1 hour ago because the hosts doing the processing where nuked by the AWS Health Check, so there was a 5-10 minute window where no machines did any processing, before the system had created new ones.
But this seems to have happened before we got an inspection from you. -
Yeah, I dunno. But it had to cycle 4 scans before populating my applications list, and I had logged in with both a chrome based browser and Firefox early on in troubleshooting with still no data, so I don't know why, but I can't see any reason my systems wouldn't respond with the data, so to me that points to a backend issue. It's working now, but I'll keep an eye on it, add a few new programs over the day and see if they populate at next scan or not, and if not, I'll let you know how many scans until it does recognize the new installs.
-
@insohmniac
If you go to:C:\Program Files (x86)\SecTeer VulnDetect>
And run
secteer --immediate
Then you don't have to wait for the next scheduled inspection and then you will also see the return code from the server (201, 202 or 401 or whatever it returns) 200 something is "good" return codes all others indicate errors.
-
Thanks for building in those switches! That makes it WAY easier to troubleshoot! Which also helped point out some issues.
So, to preface this, and it is odd, but it helps me sometimes - I have a medical issue that causes Hyperacusis, which means all sounds are louder than they should be. In my case, we've mapped this, and sounds are around 30 decibels louder than they normally would be. I can hear EVERYTHING. It's rather quite annoying, painful, and overwhelming in most environments. It's also not a super-power - I can't fold or direct my ears to specific locations or individual sounds - it's mostly a cacophony. But in controllable environments, like my home, it can be helpful. And here's the reason I bring this up:
I can hear my laptop processing. If I had a spindle drive I could REALLY hear it accessing the drive, but even on an SSD I can hear the electrical currents when my computers are processing. When the Vulndetect agent was processing at the top of each hour it was taking a couple seconds at first and eventually up to 2 minutes-ish. And when it finally worked and Applications were populated in the interface list, the list was about 15-20 apps long. At the top of this last hour, it did its 2 minutes of processing then showed no new applications, though I had installed Gimp and Opera since the last scan, and performed the updated installation for Flash Player and 7-zip as those 2 apps came back as insecure (and showed 2 listing for Flash and 3 for 7-zip).
Running the --Immediate command switch, the scan took over 15 minutes. I now have around 30 applications listed, including the newly installed Gimp and Opera, though the 2 unsecure Flash and 3 unsecure 7-zip items are still listed despite the updates (though, at least in the case of Flash, this is likely per-browser specific, and I only did the update for my default browser so far).
As to the online interface, when I first log in and switch from the Applications tab/page to the Configuration tab, I get a reddish banner across the top of the page for about 1-second that says "No Agent Installed...", no matter if it's Firefox, Chrome, IE, or Edge (I haven't tried it in Opera yet, but I'm going to assume it's the same). It only shows the very first time I switch from the Applications tab to Configuration, and if I stay logged in, switching back and forth between the two afterward I don't see it again until I log out then back in, and then only the once. This suggests there is a delay. Normal, as connection/handshake speeds can vary. But I'm wondering if there is a timeout in the agent code somewhere that is being activated using the normal agent (not the manual switch) that is preventing data from continuing from being sent to your databases. Of course, this just could be a first day launch backup, but since I don't "Hear" 15 minutes of processing (I only hear around 2 minutes as before) when the automated agent launches its scan, this makes me curious.
Anyway, not deal breakers - now that I know the manual switch exists I can easily use that - but something that may cause issues for others if it isn't just a fluke limited to only me. That's why I thought I'd bring it up.
Thanks, very much, to everyone for their hard work and devotion in getting this alternative to the now defunct Secunia PSI in place! I, and many I'm sure, are extremely grateful for the option. So I'm not complaining, at all! I just know there can be hiccups along the way with new launches, and even established applications, and I'm happy to point things out when I see them.
-
The Category Detection Issues in this forums should be used to report detection issues with a specific application.
You have a general problem with VulnDetect, so I move the topic to the Category Bugs and issues.@inSohmniac I suppose your issue is fixed?
-
@olli_s yes, you can consider the issue resolved. Thanks for fixing the post location and for the follow-up.
-
OK, so I move the topic to Solved Bugs and Issues