Documentation Center
AlienVault® USM Anywhere™

Running Asset Scans

  Role Availability   Read-Only   Analyst   Manager

Use an assetAn IP-addressable host, including but not limited to network devices, virtual servers, and physical servers. scan to discover hostsReference to a computer on a network. and services in the deployed network. To accomplish this goal, the scanner sends crafted packetsTerm used when you are constructing your packets manually; might be used for fuzzying or testing protocols, as you can create exceptional situations that might be useful to evade IDSs or firewalls. They can also be used to fingerprint an asset, for vulnerability analysis, or scans. to the target asset and analyzes the responses. This is not an authenticated scanAuthenticated scans are performed from inside the machine using a user account with appropriate privileges.. You can run scans on individual assets.

Important: This option is available if the sensorSensors are deployed into an on-premises, cloud, or multi-cloud environment to collect log and other security-related data. This data is normalized and then securely forwarded to USM Anywhere for analysis and correlation. associated with the asset allows it or not.

Warning: You cannot scan USM Anywhere sensors.

Enabling the Asset Scanner App

To enable the Asset Scanner App

  1. Navigate to DATA SOURCES > SENSORS.
  2. The Sensors page displays.

  3. Click on the sensor you want to enable the asset scanner app.
  4. Click the Asset Scanner tab.
  5. Click Enable.

Running Asset Scans from Assets

To run an asset scan from Assets

  2. Do one of the following options to open the Scan Asset popup window
    • Click the blue chevron icon () located next to the asset name you want to scan, select Full Details, and then click Actions > Asset Scan.


    • Click the blue chevron icon () located next to the asset name you want to scan and select Asset Scan.
  3. Select the scan profile you want to run

    Select the Set Debug Mode checkbox if you want to log the results of the scan. This option is disabled by default.

    Note: Keep in mind that the Set Debug Mode option must be used only for debugging purposes because it needs disk space.

  4. Click Scan.
  5. In the Asset details page, click the Scan History tab in the table area to display the results of the scan. You can see the status of each scan and the details.

Important: Make sure the Asset Scanner app is Enabled. See Enabling the Asset Scanner App for further information.

Note: See Scheduling Asset Scans for further information about how to schedule an asset scan.

Running Asset Scans when you are creating a new asset

To run an asset scan when you are creating a new asset

  1. Navigate to ENVIRONMENT > ASSETS.
  2. Click Actions > Advanced to open the Create New Asset popup window.
  3. Select the option Scan the newly added asset for asset details.
  4. Important: The Asset Scan options are available only for VMware and Hyper-V sensors.

    Create New Asset: Scan the newly added asset for asset details

  5. Click Save.
  6. A green message displays at the top to inform you the scan has been launched and is running. When the scan is complete, the results will be visible in the tab Scan History of the asset details page. See Viewing Assets Details for further information.