Davian
2011-12-07 14:49:08 UTC
Davian [http://community.zenoss.org/people/Davian] created the discussion
"Zenoss + Nessus Scan = Alert Explosion"
To view the discussion, visit: http://community.zenoss.org/message/63096#63096
--------------------------------------------------------------
I ran into an interesting problem the other day. I scanned my internal network using Nessus and when the scanner hit my Zenoss machines, they alerted like crazy. The Zenoss servers reported every single one of the monitored servers as down, they couldn't poll for data at all. Once the scan finished, the Zenoss servers came back to normal like nothing ever happened. I can't fathom why a vulnerability scan would cause Zenoss to freak out like that. I was running the scan in safe-mode so it shouldn't have used any plugins that would break anything. There's absolutely nothing out of the ordinary in the logs, as far as I can see. Any ideas? Has anyone seen this before?
--------------------------------------------------------------
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/63096#63096]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]
"Zenoss + Nessus Scan = Alert Explosion"
To view the discussion, visit: http://community.zenoss.org/message/63096#63096
--------------------------------------------------------------
I ran into an interesting problem the other day. I scanned my internal network using Nessus and when the scanner hit my Zenoss machines, they alerted like crazy. The Zenoss servers reported every single one of the monitored servers as down, they couldn't poll for data at all. Once the scan finished, the Zenoss servers came back to normal like nothing ever happened. I can't fathom why a vulnerability scan would cause Zenoss to freak out like that. I was running the scan in safe-mode so it shouldn't have used any plugins that would break anything. There's absolutely nothing out of the ordinary in the logs, as far as I can see. Any ideas? Has anyone seen this before?
--------------------------------------------------------------
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/63096#63096]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]