The Home page widgets "Network threats detected" & "Virus detected" will continue showing data for the old events, even after an administrator performs one of the following cleanup activities: 

1. Deletion of Guest VMs on which events are generated.  
2. Explicit Re-registration of NSX and SVA by administrator. 
    

Network Threat detected & Virus Detected graphs continues to display the data, whereas no data is displayed for "Top 10 GVMs with network threats remediated" & "Top 10 GVMs with virus threats remediated".

The graph displayed under "Network threats detected" & "Virus detected" should not display any data, once clean up is done and post clean up a new SVA is registered . This creates confusion since the other data for the Top 10 GVMs is not displayed.

This event data will get cleaned/purged based on the event purging configurations.  

However the other two widgets "Top 10 GVMs with network threats remediated"  and  "Top 10 GVMs with virus threats remediated" will always be in sync with the Guest
VM inventory. 

 

Applies To

Steps:

1. Install SVA on the cluster
2. On vSphereWeb client create a security group and apply a security policy 
3. Access some AV threats & network threats on the GVMs, such that the graph on home page displays some data ("Network Threat Detected", "Virus Detected", "Top 10 GVMs with network threats remediated" & "Top 10 GVMs with virus threats remediated).
4. Unbind the security policy from the security group. Delete the security group & security policy
5. Un-deploy SVA from the cluster
6. Login to web UI & navigate to Integration page .  Unregister the DCS:S server from the NSX
7. Un-register DCS with UMC
8. Register DCS with UMC by running registerProduct.bat script
9. Login to Web UI and under integration page , again import & register DCS:S service with NSX
10. Deploy SVA on the cluster again & wait till it is registered with Server