Working with assets

This topic provides instructions on viewing and exporting a list of assets with missing patches, identified vulnerabilities, and assets discovered by BMC Discovery. It also provides instructions on mapping assets to endpoints in the endpoint manager, and adding tags. 

To learn more about assets, see Assets. 

Viewing and exporting assets with missing patches

On Assets > Managed Assets page, view the following details:

• The total number of impacted assets appears near the tab title. 
• Host name, IP address, operating system, number of unique missing patches, and number of compliance violations for an asset.  
• To search for an asset, enter a search term, and click Search.
  You can search using the host name, IP address, or operating system. 

To view the list of unique missing patches for any asset, do the following:

1. Click the link against any asset in the Missing Patches column. 
   The Risks > Missing Patches page shows the unique missing patches, patch age, severity, classification, and CVE IDs for each missing patch for the particular asset. 
2. Click Clear Filters to view all unique missing patches across all assets. 
   To view more information about the missing patches, see Working-with-risks.

Exporting managed assets data with missing patches

On the Assets > Managed Assets page, click Export and enter a name to save the results in a CSV file. 

If you filter data using the advanced search options and then export, filtered data appears in the CSV file. 

Viewing and exporting assets from a vulnerability scan

On the Assets > Scanned Assets page, view the following details: 

• Total number of assets imported from a scan appears near the tab title.
• Host name, IP address, status, source, operating system, and vulnerabilities identified for each asset. 

To view a list of vulnerabilities identified for an asset, do the following: 

1. Click the link against any asset in the Vulnerability column.
   The Risks > Vulnerabilities page shows the vulnerabilities and their details. 
2. Click Clear Filters to view all vulnerabilities imported from the latest scan. 
   To view more information about vulnerabilities, see Working-with-risks.

To search for an asset, enter a host name or IP address, and click Search. 

To show tags as additional columns on the Scanned Assets page, click Display Tags, select a tag (maximum 10) and click Apply. The new tag appears as a column.
For example, if you have added a Location tag to the scanned assets, after you choose it, a new Location column which shows the location for each asset appears. 

Exporting scanned assets data with vulnerabilities

On the Assets > Scanned Assets page, click Export and enter a name to save the results in a CSV file. 

If you filter data using the advanced search options and then export, filtered data appears in the CSV file. 

Mapping and unmapping scanned assets

On the Assets > Scanned Assets page, do the following: 

1. Select an asset and click Map.
2. Select an endpoint and save changes.
   You can use the Operating System or Operating System Vendor filters to select the endpoints. The asset status changes to Mapped and the mapped endpoint appears under the asset host name.

To remove mapping, select one or more assets with the status as Mapped, and click Remove Mapping. You cannot remove mapping for assets for which a remediation operation is created and scheduled. 

Importing tags for scanned assets

On the Assets > Scanned Assets page, do the following:

1. Click Import Tags and either download the CSV template, or download the assets data in a CSV format.
   If you want to download filtered data, perform an advanced search and then click Export to get the assets data in a CSV file. 

2. If using the exported CSV file, in the Tags column, add tag keys and values to be associated with the assets, in a key:value format. 
   OR
   If using the CSV template, provide asset data such as the asset ID, scanned host name, IP address and then add tag keys and values, in a key:value format. 
   For example, the CSV template is in the following format, in which you provide the asset data and tags:  

   Asset ID	Scanned Hostname	Scanned IP Address	Tags
   <asset_name>	<host name>	<IP_address>	LOCATION: Pune; OWNER: Admin
   <asset_name>	<host name>	<IP_address>	LOCATION: USA; OS: Redhat Linux

   Best practices for adding tags

   • To add more than one key:value pair, use a semi-colon separated list.
   • You can add more than one value for a particular key in a key:value pair format.
     Example: LOCATION: Pune; LOCATION: Austin
   • Every time you import tags for assets, the previous values are overwritten based on the latest CSV file.
   • You can import up to 10000 key:value pairs through a CSV file.
3. Attach the updated CSV file, and then click Import.
4. Click Display Tags and select the tags (maximum 10) that you want to be displayed on the Scanned Assets page. 

Removing tags

To remove tags, delete the key:value pair(s) in the exported CSV file, and then upload the same file again in Automation Console.

Viewing assets from BMC Discovery

On the Assets > Discovered Assets page, view the following details:

• The key performance indicators (KPIs) show the following information: 
  • Total Discovered Assets: Total number of discovered assets by BMC Discovery.
  • Unmanaged Assets: Total number of assets that are found by BMC Discovery, but are not mapped to endpoints in TrueSight Server Automation.
  • Unscanned Assets: Total number of assets, either discovered, or mapped in Server Automation, but not yet scanned for vulnerabilities. If an auto-mapped asset is unmapped from the Scanned Assets page, it gets counted in the Unscanned Assets. 
• To view all assets for a category, click the KPI link. 
  For example, if you click Total Discovered Assets, all assets discovered by BMC Discovery appear in the list. 
• Host name, IP address, operating system, and business services for the assets. 
• To search for an asset, enter a search term, and click Search.
  You can search using the host name, IP address, or operating system of the asset. 
• If you want to remove an asset, remove it first from TrueSight Server Automation and then from BMC Discovery. This change gets reflected in Automation Console based on the Data Refresh Cycle configured on the Administration > Service Account page. Business services affecting such assets are also removed from Automation Console.
• If you delete an asset from BMC Discovery, which is not managed in Automation Console but is available only in BMC Discovery, the business services at risk for the asset are not removed and the data remains unchanged in the Top 10 Business Services at Risk widget on the dashboard.
  
  

Performing an advanced search

On the Assets > Managed Assets page, do the following: 

1. Click Advanced Search and choose one or more of the following options:
   • Asset
   • Operating System
   • Operating System Vendor
   • Risk Owner
   • Risk Score

   • Unique Missing Patch

     Note

     When you select the Operating System and Operating System Vendor filters, the lists of operating systems and operating system vendors are retrieved directly from TrueSight Server Automation.

2. Click Clear Filters to go back and view unfiltered data. 

On the Assets > Scanned Assets page, do the following: 

1. Click Advanced Search and choose one or more of the following options:
   • Asset
   • Asset Tag
   • Operating System
   • Risk Owner
   • Risk Score
   • Source
   • Status

   • Vulnerability Name

     Note

     When you select the Operating System filter, the list of operating systems is populated dynamically depending upon the imported scan file. 

2. Click Clear Filters to go back and view unfiltered data. 

On the Assets > Discovered Assets page, do the following: 

1. Click Advanced Search and choose one or more of the following options:
   • Asset
   • Business Service
   • Operating System
2. Click  Clear Filters to go back and view unfiltered data.