How do I run a vulnerability assessment

After you’ve created a policy, you can run an assessment that scans the targeted assets against the latest advisories.

Tanzu Salt scans for available packages that can repair vulnerabilities identified by the advisory.

Note:
After initial installation, Tanzu Salt takes about 15-20 minutes to ingest vulnerability content. For best results, wait at least 20 minutes after installing Tanzu Salt before you run your first vulnerability scan. For more information, see Using the vulnerability library.

From the vulnerability workspace, you can run assessments from one more policies at once by clicking the checkboxes next to each policy and clicking Run assessment.

Prerequisites

Before you can run a vulnerability assessment, you must have an existing vulnerability policy. For more information, see How do I create a vulnerability policy.

Procedure

  1. In the Vulnerability workspace, select a policy to open the policy’s dashboard.

  2. In the policy dashboard, click Run assessment and then click Run assessment in the confirmation dialog box.

    Run vulnerability assessment dialog box

Results

Tanzu Salt scans your system against the latest advisories. During assessment, no changes are made to any of your systems. After the assessment is complete, you can remediate any advisories. You can view the status of current or past assessments by clicking a policy in the Vulnerabilty workspace and the clicking on the Activity tab. The results page lists all queued, in progress, and completed scans.

What to do next

You can view your assessment results on the policy dashboard. To sort your results by node, click the Minions tab. If desired, you can download the assessment report in JSON format by clicking Report > Download > JSON from the policy dashboard.

check-circle-line exclamation-circle-line close-line
Scroll to top icon