Description

The customer had a lot of Endpoint Vulnerability records on the Manager, it is not possible to ‘Ignore’ or clear them without properly fixing the vulnerability (patching).

Customer wishes to clear all the records of the detected vulnerability.

Case Handling

1. Use F12 browser debug method to find some informations of the data.
2. Check on the collections and found that the vulner collection holds the informations of the detected vulnerability.
3. Execute the delete command to clear all Vulnerability records.\n
4. After deleting the records, found that the MGR still display the vulnerability records.
5. Tried restarting all services, but the records still remain.
6. Suspect there is another collection in Mongodb which hold these informations.
7. After checking each collection 1 by 1, found that the collection vulner_search has the records of Endpoint Vulnerability too.
8. Compared the vulner_id, it matches.\n

9. Delete all the records in the collection vulner_search and refresh the MGR console, the records had been cleared successfully.

   

Root Cause / Solution

1. In order to delete / clear the records of Vulnerability Assessment, you need the delete the records on the following collections: vulner and vulner_search
2. Enter Mongod shell and execute the following commands:

Command:

• Delete all records:
  • db.vulner.deleteMany({})
  • db.vulner_search.deleteMany({})
• Delete specific records:
  • db.vulner.deleteOne({"_id":"Enter the id here"})
  • db.vulner_search.deleteOne({"_id":"Enter the id here"})

Note:
Only proceed if you are confident, or there is a backup / snapshot of the MGR.