Trouble Shooting and Remediation Queries
Problem
In large estates, the iQSonar user interface can sometimes be slow to respond and/or display so much information as to be unwieldy to use. In these circumstances it can be useful to run diagnostic queries against the database directly rather than attempting to rely only on the iQSonar UI to discover why certain targets were not scanned and to make any needed changes to the scan engine configuration or to the targets to enable them to be scanned. As these queries rely on database tables in iQSonar which are not designed to be exposed to end users, some of the queries only work on certain versions of the product, and may need to be adapted due to changes between different versions of the scan engine.
Prerequisites
In order to use these scripts, you will need credentials to log in to the SQL server that hosts the iQSonar database. You will require permissions to run queries and, in some cases to execute stored procedures.
You will need to have access to the Microsoft SQL Server Management Studio software. The current version (at time of writing version 17) is a free-of-charge download from Microsoft.
https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms?view=sql-server-2017
You need to understand how to edit the SQL queries. Most of them contain placeholder values for ProjectID, Date(s) and/or IP Addresses which will need to be updated to work in your specific environment. If you do not update these values, the queries will not run, or will return meaningless results.
Troubleshooting Queries
These queries work with iQSonar releases up to and including Fu R3.
Changes were made to some underlying tables in Gwynn R1 and Gwynn R2 to reduce the amount of history saved as the diagnostic information can grow. In the Gwynn R3 release the option to preserve or delete this diagnostic can be selected in the user interface. Instructions on how to keep the history data can be found on this page.
- One Line troubleshooting scripts
- Get list of Project IDs (required for many queries)
- List all Found Devices
- Use SQL to send a target for a rescan
- Find unreachable targets
- Summary of connection attempt results
- Connection Results for specific target
- Find hosts with SSH Login failures
- Find hosts with Windows login failures
- Find ESX hosts that were not scanned
- Find hosts that could not be scanned for other reasons.
- Database Credential Issues
- All credential issues
- List all discovered databases (scanned and unscanned)
- List all commands performed during a scan
- Some targets seem stuck in "Waiting"
Related articles