Forum Discussion
Threat & Vulnerability Management Software inventory
- Jul 15, 2019
Andrew Emmett wrote:
Hi there
Does anyone know how long it takes for inactive machines to be removed from the Threat & Vulnerability Management Software inventory section. In my organisation (an educational establishment), we re-image out PC inventory every year during the summer and normally update about 4,000 PC's to the next suitable build of Windows 10, in this case 1803>1903. This is probably bad practice, but we don't off-board the PC's because we will just be on-boarding them again and its time consuming to off-board the devices. When the re-imaged machines come online again, they are automatically re-on-boarded and we tolerate the duplicate machines for the 7 days it takes them to become inactive.
Now the issue. In Threat & Vulnerability Management > Software inventory, the inactive devices are still bring counted in 'Exposed machines' and there doesn't seem to be a way to filter them out. I've been patiently waiting for a few weeks, but the machines haven't dropped out yet. This means that I'm seeing 7,000+ machines, about half of which are clean, but the stats & graphs don't reflect the status of the environment. I'm assuming that this is because it's still counting inactive machine records.
Anyone else seen or having this issue?
Thanks
Andy
machines are removed from TVM after 30d of inactivity.
Hey, Andrew Emmett.
I see. My mistake.
Just to clarify the amount of time it takes will depends how you data retention is configured. Can take 30 up to 180 days until inactive machine get removed from the portal.
Regards,
IL