Privileges for Scan User Account for A10 Advanced Core OS 4.x
For the PC scan to work properly, identify A10 advanced core OS devices and fetch each system's patch status. The scan user account you provide for authentication must have privileges to access the command listed below:
Set of Commands used in SignaturesSet of Commands used in Signatures
- show slb template cipher
- show slb template server-ssl
- show aflex all
- show run
- show running-config waf
- show running-config waf template
- show running-config slb template
- show running-config slb service-group
- show running-config slb server
- show admin detail
- show running-config hostname
- show running-config banner
- show running-config health monitor
- show running-config logging host
- show running-config
- show terminal
- show running-config web-service
- show running-config admin-lockout
- show log policy
- show ntp status
- show clock
- show management
- show interfaces management
A10 signatures that use the above-mentioned commands must have Read privilege with Privilege type as Global along with Access as CLI.
Perform the steps to create scan users on A10 Core OS
- Log in to the A10 device with an admin user created earlier on the setup of the A10 target.
- Go to System > Admin > Users
- Enter the Username and Password
- Select CLI under Access, Privilege Type as Global and Privilege as Read.
- Click Create.
Steps to Create an Authentication Record
Perform the steps to create an authentication record
- Go to Scans > Authentication > Operating Systems > Unix
- A window is displayed.
- Enter the Username, Password and select the Target Type as A10 (VM/PC) from the drop-down list.
- Enter the Asset Ips/Ranges under the Assets tab
- Click Create.