Why is it hard to recreate historical reporting numbers?

In Cisco Vulnerability Management there are a number of background computing jobs that run nightly. One of those jobs produces the reporting numbers displayed on historical data graphs for reporting.

Note: Cisco Vulnerability Management processes background jobs, such as risk meter refreshes, between 11 PM and 3 AM local time in EU and AJPC, and between 10:30 and 1:30 in the US region, excluding Hawaii.

Cisco Vulnerability Management is very dynamic which makes recreating those historical number virtually impossible for the following reasons: 

  1. Real time threat data changes vulnerability scores - up and down - as new data is acquired altering vulnerability counts by risk.  
  2. Vulnerabilities may be re-opened by scanners at any time altering open and closed vulnerability counts. 
  3. Tags on assets may change altering assets counts and scores for risk meters where tags were used to build the risk meter query.
  4. Assets may flip to inactive status altering risk meter score as well as asset and vulnerability counts. 
  5. Asset priority may be changed at any time altering the overall asset score and also the risk meter scores of any group containing the assets. 
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.