VCF Operations Diagnostics Management Pack

We introduced Diagnostics back in VCF Operations 8.18 as a way to see environmental VMSA/CVE exposures. Since 8.18.0, we've been adding new VMSAs/CVEs signatures into the product at each release: 8.18.1, 8.18.2, 8.18.3, and so on. But we've wanted a way to inject new VMSA/CVE signatures outside of release cycles. We now have a way to do that, the Diagnostics Management Pack!

Looking at my current VCF Operations 9 deployment, you'll notice it has the following.

Which has 637 VMSA/CVE signatures.

The VCF Diagnostics Management Pack comes natively in VCF Operations, so we'll simply be updating it, which we can now do from within the UI.

Searching the Marketplace, we find the updated Management Pack for Diagnostics, click DOWNLOAD and follow the prompts.

Check the box and click DOWNLOAD. Once downloaded, it will show in the DOWNLOADED tab.

Click INSTALL.

Review the prompt and click INSTALL.

You can watch the progress by clicking the request status link.

Once complete, it will look like this.

Back in the Repository you'll notice the updated Management Pack.

You'll also notice the Findings Catalog now has 639 entries, as there were 2 added by the updated Diagnostics Management Pack.

You can also filter in the Findings Catalog for just Criticals.

Back on the Active Findings tab, you'll see your Active Findings.

As indicated, there are Active Findings in your environment based on properties and logs. VCF Operations evaluates the property-based signatures every 4 hours, the log-based signatures are evaluated by clicking REFRESH FINDINGS.

To get notifications when there is a new release of the Diagnostics Management Pack, subscribe here. Instructions for subscribing to a general KB article can be found here.