Viewing events associated with a vulnerability

When monitoring vulnerabilities, the application registers events based on Asset Management technology. Events are registered with system event types that are assigned the following codes:

• 4000005300 – device vulnerability detected for the first time or a vulnerability had been previously switched to the Remediated state (for example, if modified device information once again matches a device description in a vulnerability with the same CVE ID).
• 4000005303 – changes detected in a vulnerability that did not impact its current state (for example, if additional recommendations on system protection were added when the database of known vulnerabilities was updated).

You can view events associated with a vulnerability in the events table.

To view information about one of the events associated with a detected vulnerability:

1. Open the details area or the window containing detailed information about the vulnerability.
2. In the Events block, click the row containing the header of the relevant event.

The Events section opens. The events table will be filtered based on the ID of the selected event.

To view information about all events associated with a detected vulnerability:

1. Open the details area or the window containing detailed information about the vulnerability.
2. Click the Go to event table link in the Events block to proceed to the events table.

The Events section opens. The events table will be filtered based on the IDs of events associated with the vulnerability.

Page top