Debugging and Troubleshooting
This section includes the scenarios that help you debug certain common issues.
Following are the types of issues and queries for debugging and troubleshooting:
How to debug?
In case of any unexpected application behavior one should check the application logs.
The application log has four different levels of logging: Information, Error, Warning, Debug
The application writes log entries after important transitions. For example, Schedule run, on click of test connection to API Server [ Qualys CMDB Bi-directional Sync App > Advanced > Application Log]
Observed Issues
Following are the observed issues in CMDB Bi-directional Sync app:
Scenario: Sometimes asset approval gives the user the error, “In payload invalid data source [Qualys-CSAM] exist. You need to provide a valid choice value from field [discovery_source] in table [cmdb_ci]"
Workaround: Navigate to Fix Scripts and search for ‘Add Discovery Source’ in Name section. Open Add Discovery Source and click Run Fix Script.
Scenario: Sometimes clicking on 'Test Connection” gives 'error' response to user.
Workaround: Check the error message.
- Try to repeat the ‘Test Connection’ a couple more times (if all input parameters are correct, then the ‘success’ message is displayed, and the validation state is changed to 'validated'.)
- One can get the error message under ‘Schedule Logs’ for related entries in schedule record.
- If no valid error is displayed (i.e. you are sure that the credentials are correct but API reported “unauthorized”), try again after some time. If error persists, contact Qualys Support.
Scenario: When Download processor takes too much time to process
Workaround: Go to Properties and lower the Size of Download batch.
Scenario: Download Processor failed to process Sync Queue record(s)
Workaround: This may leave the corresponding Sync Queue entry in ‘Error’ state and the error details can be verified from ‘Processing Notes/Message’
User should manually change the status back to
- ‘Queued’, and reset the 'Processor GUID' if user wants to process that response again.
- If you reprocess any response, it will not lead to duplicate data, as application checks whether the record already exists in staging tables before inserting.
- 'Error’, if user does not want to process it again.
Scenario: Failed to approve asset using Identification Engine/Invalid Update
This error is displayed when the application finds some error with Identification and Reconciliation APIs.
To verify the issue, you can to navigate to Failed Qualys Assets > Open the asset record and see the Notes section. This section contains the detailed error response, as received from Identification and Reconciliation API.
Scenario: Sometimes it is observed that ‘approving’ manually multiple assets gives ‘Transaction Timeout’ by ServiceNow
Workaround:
- In such case there is no data loss observed in asset transformation
- To overcome transaction timeout error, it is recommended to use ‘Auto Approval’ in schedule
Scenario: Duplicate entries found in cmdb_ci_computer for assets which were synced from ServiceNow to Qualys, scanned and then synced back from Qualys to ServiceNow
Workaround:
- If the user has added only IP address for the asset in the 'cmdb_ci_computer' table
- Reason: Name is a mandatory parameter for ServiceNow IRE mechanism.
- If user added both name (any dummy name) and IP Address for the asset in 'cmdb_ci_computer' table
Reason: After scanning the asset, the name discovered during the authenticated / unauthenticated scan and the dummy name that was provided could be different.
There would be no duplicate entry in 'cmdb_ci_computer' if the name is exactly same for the asset before sending the data from ServiceNow to SericeNow
Anticipated Issues
It is quite frequent to have error in opening/viewing attached ‘response.xml’ from sync queue records. Those response.xmls are considered as incomplete.
List of expected failure modes
- Qualys API server is undergoing maintenance/downtime
- Qualys subscription expired
- User credentials used are incorrect
- User credentials are correct, but user has no Qualys App subscription from Qualys
Number Mismatch Between Staging and Production Tables: Assets
Assets with the Same Name: If there are multiple assets with the same name. after approval of the production class, not all are added as separate records. The first asset which is approved gets added as a separate record. All the other assets with the same name get approved, but the IRE version updates the same record. However, the same record may contain multiple values for the same fields.
The discrepancy is observed in the following scenarios:
-Assets discrepancy could be there in the production table if the assets have the same names
Cause: IRE version uses a name to identify the CI class. Name is a mandatory parameter for transformation.
Number Mismatch Between Staging and Production Tables: Software
IRE version needs a software name and version of the data being transformed. Name is a mandatory parameter for transformation. For example, if the software has no Name/Version: The software without a name does not make any sense, The Software (OOB table) uses a 'key' attribute consisting of name and version.
For example, the software has the same name and the version number in the staging area. In such a case, duplicate entries may be created. Check the application log. Skipping duplicate entry
Field Name Missing in Production Tables
If you notice few fields that exist on Qualys UI or API response, but cannot locate it in ServiceNow out of box (OOB) tables. Cause: Mapping for such fields may not exist. For a complete list of mappings, refer to Field Mapping for Tables. If field mappings do not exist in the OOB tables, then such fields are not transformed into production tables. For example, the 'hostname' for network adapter exists in the staging table but missing from the production table (cmdb_ci_network_adapter). Cause: The cmdb_ci_network_adapter table does not have a mapping for the hostname field. Hence the field value is not available in the production table.
Truncated Value
If the field value exceeds the field limit then the value may get truncated. The application does not update any of the OOB table structures: like field value lengths.
Related Topic