Some Issue's Vulnerability State was not synchronize successfully

[havengit]

The vulnerability has been fixed and the state is fixed in tenable . but some of then still is open state in jira.

For example,
VULN-8
VULN-4

The sync log ：
[09:02:13] INFO INFO:Processor:Building Task SQL Cache. processor.py:130
[09:02:14] INFO INFO:Processor:Building Subtask SQL Cache. processor.py:136
[09:02:15] INFO INFO:Processor:Closing Task "VULN-307" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-349" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-301" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-324" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-314" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-279" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-225" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-244" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-287" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-298" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-246" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-219" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-316" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-217" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-242" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-289" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-322" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-331" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-268" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-312" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-347" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-274" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-342" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-237" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-250" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-235" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-266" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-210" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-256" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-252" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-214" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-222" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-231" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-303" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-329" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-208" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-339" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-264" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-229" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-305" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-259" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-277" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-206" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-345" as it has no open SubTasks processor.py:389
INFO INFO:Processor:Closing Task "VULN-318" as it has no open SubTasks processor.py:389

[havengit]

[SteveMcGrath]

Could it be that the miss was a gap in the last observed timeline vs the last pull?

[havengit]

The last seen is May 29, 2024, 12:23 PM and I synced in May 31, 2024.

[havengit]

INFO INFO:Processor:Closing Task "VULN-7" as it has no open SubTasks

Log show vuln-7 has no open subtasks, but the subtask vuln-8 was open .

[havengit]

The task has change to "todo" ,Subtask is "todo" too.
sync.log

[havengit]

From the log ,no check behavors for vuln-7 vuln-8 .

All data imports from Tenable.io use the last_found/last_seen fields. This ensures that all issues are updated whenever new information becomes available, unless overridden with the --first-discovery flag.

It's seems like if the vuln was fix in tenable and last_seen will not update in tenbable . such those vuln will not sync. but in config age was set to 30 .

[SteveMcGrath]

config age isn't used in subsiquent runs, it will use the last_run field that the integration itself places to track state.

[SteveMcGrath]

last_seen will not update on a fixed vuln, but the last_fixed field would. In either case, the vuln should have been pulled with the "fixed" state and the issue closed out. I did add a flag to allow you to easily ignore the last_run attribute if something like this does come up. simply run with --ignore-last-run and it will ignore that field in the config. This is functionally equivalent to removing the field within the config itself.

It should be pulling these findings as the state is changing on them and handling them appropriately, if this keeps happening, I'd like you to run a job with --no-cleanup and email me the resulting cache db file.