Submit a ticketCall us

Quickly Address Software Vulnerabilities
Patch Manager is an intuitive patch management software which extends the capabilities of WSUS and SCCM to not only patch Windows® servers and workstations, and Microsoft® applications, but also other 3rd-party applications which are commonly exploited by hackers. Learn more about our patch management solution.

 

Home > Success Center > Network Configuration Manager (NCM) > Unable to run DISA STIG policy reports

Unable to run DISA STIG policy reports

Updated August 17, 2016

Overview

Unable to run DISA STIG reports on NCM and the Last Update Column for the corresponding report on the NCM compliance page displays ERROR.

Environment

NCM 7.0 and later

Cause 

This occurs when the policy is either set to use a custom property that does not exist or has "nodeid" set as part of the dynamic query.  In either case, the query will not select any nodes.

Resolution

  1. From the Orion Web Console, open the NCM compliance page.
  2. Identify one of the Dist STIG reports displaying ERROR in the Last Update Column.
  3. Go to Manage Reports in upper right corner of the same page.
  4. Select the Report identified in Step 2 and select Edit.
    Note: Using the search option will be useful to narrow the hunt.
  5. Take note of which policies are in the report.  They will show in the Assigned Policies Column.

  6. Return to the Manage Policy Reports screen and go to the Manage Policies tab.

  7. Select the policy or one of the policies in the report and click Edit. 
    In NCM 7.5 you are likely to see something like this: 
    or if imported from Thwack, may look like this:

  8. in the first example, click on the blue hyperlink for all nodes. Use this to select the nodes, be it All nodes, Select nodes, or Dynamic selection. It is recommended to use Dynamic selection and use a rule relevant to the nodes you need this policy to run against (do not use Nodeid).
  9. When using Dynamic selection, select a valid option, such as Vendor, and select a valid vendor, such as Cisco.
  10. Click Submit to save the changes.
  11. Repeat this process for all applicable reports.
  12. From the compliance page, click Update all.
 

 

Last modified
19:07, 16 Aug 2016

Tags

Classifications

Public