Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Current »

After configuring a scan job an expected Device was not present in the IT Explorer results after the scan job was completed.

Consult the Scanlogs

Go to the below page and double click the scan job row that was expected to contain the missing device.


The below window will then pop up.


Find the the row with IP address that was configured for the missing device, if it is present.

Row is not present

If it is not present then the Appliance was unable to communicate with the target in any way, network connectivity should be investigated between the target and Appliance.


Row is present

  • Status Success. Device was completely scanned, device data may still be in a queue for ingestion. Check again after some time.
  • Status No Connection. Device was pinged successfully, but none of the ports required for scanning were open. The Scan Info column will detail identified open ports.
  • Status SkippedAsSameAs. Device was already scanned via a different IP address. The additional scan is aborted for efficiency.
  • Status Credential Failed. No credential provided for the scan job was valid for the specified target device or the credential did not have sufficient privileges to do the required tasks on the target. Validate the credential on the target for the prerequisite connection types. 
  • Status Scan Failure. An unexpected exception occurred during the target device scan or a critical piece of data required for creating the results failed to be gathered. The target log file should be consulted at this point.


Scan Engine Logs

The log format of the Appliance server scan engine is a single rolling log.

It contains information regarding the progression of all targets being actively scanned on that appliance.

The logs can be found in the directory "/opt/iqas/server4.5/logs/".

The log named "iqas.log" is the most recent active log.

Other logs named "iqas-DD-MM-YYYY-<Integer>.log.gz" are the historical log content zipped to preserve space.

When providing logs the full content of the "/opt/iqas/server4.5/logs/" should be provided, providing only the "iqas.log" will most likely be inadequate.


Target Log Converter


As targets are scanned in a concurrent way, the logging content can appear erratic when viewed in the single log.

For ease of diagnosis the Log Extractor available in Tools can be used to extract a per-target logging file set.

In order to use LogExtractor you should have installed an appropriate java environment.


Installing the default-jre package and approximately 150 dependencies allows it to work under Ubuntu 14, 16 and Debian 9.

sudo apt-get install default-jre


This extraction should not be on the appliance itself, but on a separate device where there will be adequate space.

java -jar /PATH/TO/LogExtractor-2.1.jar -l /PATH/TO/LOGFILE -o /PATH/TO/WHERE/YOU/WANT/THE/TARGET/LOGS

The extracted target logs will be named with their respective IPV4 address <ipv4address>.log when using the utility.


  • No labels