Notifications

1243 views

Description

Windows discovery takes a long time to complete or fails with errors like "PowershellProcessRunner was interrupted to complete in 600 seconds" in the classification phase or when the Windows Installed Software probe runs.
This is caused by multiple round trips between the MID Server and the target host, which is susceptible to network delays and MID Server load. This issue is seen in both WinRM and WMI protocols.

If discovery fails even if the target host has PowerShell installed on it, make sure the admin share is accessible from the MID server.

Steps to Reproduce

Any individual Windows server Discovery that takes in excess of 10 minutes. If you encounter this, you should consider an upgrade to the appropriate version.

Workaround

This fix includes a number of Java code changes to offload work to the remote Windows server and improve performance significantly. Because of the scope of the changes, no workaround exists for this issue. Upgrade to Madrid Patch 3 OR to the New York release (any patch). Madrid Patch 4 and Patch 5 do not contain the fix at this time. Performance improvements can be dramatic for CPU and memory usage on the MID Server host.  


Related Problem: PRB1308592

Seen In

Jakarta Patch 8b
SR - IRM - Audit Management - New York 2019 Q3
SR - IRM - GRC Profiles - Madrid 2019 Q2
SR - IRM - GRC Workbench - New York 2019 Q3
SR - IRM - Policy and Compliance - Madrid 2019 Q2
SR - IRM - Risk Management - New York 2019 Q3
SR - IRM - Vendor Risk Management - Madrid 2019 Q1
SR - ITOM - CMDB CI Class Models - 201908
SR - ITOM - Discovery and Service Mapping - 201908
SR - Security - Integration Framework - Madrid 2019 Q2
SR - Security - Support Common - Madrid 2019 Q2
SR - Security - Support Orchestration - Madrid 2019 Q2
SR - SIR - Security Incident Response - Madrid 2019 Q2
SR - SIR - Security Incident Response PA Content - New York 2019 Q3
SR - SIR - Store SecOps Setup Assistant - Madrid 2019 Q2
SR - SIR - Store Threat Core - Madrid 2019 Q2
SR - SIR - Store Trusted Security Circles Client - New York 2019 Q3
SR - SIR - Threat intelligence - New York 2019 Q3
SR - VR - Rapid7 - London 2019 Q2 v.6.2.1
SR - VR - Vulnerability Response - New York 2019 Q3
SR - VR - Vulnerability Response PA Content - Madrid 2019 Q2

Fixed In

Madrid Patch 3
New York

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2019-09-05 22:41:10
Published:2019-08-07