Troubleshooting Vulnerability Manager and Threat Director

This topic includes the following sections:

Can Vulnerability Manager work in a multi-site environment?

Currently, no. When using Vulnerability Manager to remediate vulnerabilities, the portal must be connected to the same BMC BladeLogic Server Automation Application Server that was used for mapping—that is, the same Application Server used when you associated scanned assets to servers and vulnerabilities to BladeLogic remediation content. If you connect the portal to a different Application Server when you perform remediation, mapping errors can occur when the portal attempts to use missing or incorrect mapping information.

How do I modify the precision of reported counts?

In some circumstances, you may need to configure settings that control the precision of how DCA Index Server reports its counts. These modifications require you to edit the the bmc-config.json file.

Open the bmc-config.json file for editing.
Typically, this file resides at <install_location>/portal/configuration/bmc-config.json.
In the file, search for the section which includes ElasticSearchConfigManager. That section appears as follows:
"com.bmc.dcaportal.index.service.core.ElasticSearchConfigManager": {
      "aggregation.precision.count" : 500,
        "aggregation.leaf.precision.count" : 500,
        "purge.interval" : 10
    }

Provide the following values, as necessary:

Option	Explanation
aggregation.precision.count	Sets a level of precision for SecOps Dashboard metrics while balancing that level against memory usage. Dashboard metrics have a deviation of +/- 1% when the DCA Index Server is configured to use 4 GB of memory and this option is set to 100. The higher the setting you enter for this option, the more accurate the counts presented on the dashboard. However, a higher number increases memory requirements. For example, if you raise the precision count to 10000, you should have 8 GB of memory allocated to search. The recommended setting is 500 for a DCA Index Server with 4 GB of memory.
aggregation.leaf.precision.count	Controls the precision of the dashboard's Top 10 Vulnerabilities count. The default value is 500.
purge.interval	Specifies in minutes how often the indexing process is invoked to poll data from BMC Server Automation to refresh the DCA Index Server's database.

Save bmc-config.json.
Restart the portal server:
- (Windows): On the portal server, open the Services window, find and right-click the BladeLogic Portal service, and select Restart.
- (Linux): On the portal server, enter the following command: /etc/init.d/BladeLogic_Portal restart

Can I modify the behavior of the SecOps Dashboard?

There are settings that control some aspects of the behavior of the SecOps Dashboard. Changing these settings require you to edit the the bmc-config.json file.

Open the bmc-config.json file for editing.
Typically, this file resides at <install_location>/portal/configuration/bmc-config.json.
In the file, search for the section which includes DCAPortalProvider. That section appears as follows:
"com.bmc.dcaportal.DCAPortalProvider": {
     "enableDashboardDonutCharts": true,
     "enableDashboardTop10Chart": true
    }

Provide the following values, as necessary:

Option	Explanation
enableDashboardDonutCharts	This option lets you disable the Vulnerabilities by Severity section (also known as the donut charts) of the SecOps Dashboard. Disable the donut charts by setting this option to false.
enableDashboardTop10Chart	This option lets you disable the Top 10 Vulnerabilities section of the SecOps Dashboard. Disable the section by setting this option to false.

Save bmc-config.json.
Restart the portal server:
- (Windows): On the portal server, open the Services window, find and right-click the BladeLogic Portal service, and select Restart.
- (Linux): On the portal server, enter the following command: /etc/init.d/BladeLogic_Portal restart

How can I tell if the DCA Index Server and the portal server are running?

(Windows):

From the Windows Control Panel, select Administrative Tools > Services.
Check the status of the BMC DCA Index Service 1.7.3 (DCAIndexService) service. It should say Started.
If the service is not running, click Start.
Check the status of the BladeLogic Portal service. It should say Started.
If the service is not running, click Start.

(Linux):

To check the DCA Index Server, enter the following command:
/etc/init.d/DCAIndexService statusIf the service is running, you should see:
DCA Index Service Daemon is running.
If the service is not running, you can start it by entering the following command:
/etc/init.d/DCAIndexService start
To check the BladeLogic Portal server, enter the following command:
/etc/init.d/BladeLogic_Portal statusIf the service is running, you should see:
BladeLogic_Portal is running.
If the service is not running, you can start it by entering the following command:
/etc/init.d/BladeLogic_Portal start(% style="color: rgb(0, 0, 0); color: rgb(0, 0, 0)" %)

Why am I seeing incorrect information about jobs that have been run in BMC Server Automation or BMC Network Automation?

The BMC Server Automation or BMC Network Automation servers may have been restarted without also restarting the portal server. In such a situation, the Data Refresh capability cannot obtain the most recent job information.

To restart the portal server:

Windows): On the portal server, open the Services window, find and right-click the BladeLogic Portal service, and select Restart.
(Linux): On the portal server, enter the following command: /etc/init.d/BladeLogic_Portal restart

(% style="color: rgb(0,0,0);" %)