Overview
You configured automatic remediation, all LanGuard services are running, agents are scanning, but there is no auto-remediation activity in the LanGuard server console - remediation jobs are not running.
Solution
There are several possible root causes for automatic remediation not working. The most common are LanGuard not receiving the latest definitions updates (i.e., there is nothing new to remediate), scans errors because of missing requirements, issues with the backend scan results database, or the environmental factors disrupting scanning operations.
1. Ensure that the LanGuard server and the Agents are receiving updates with the latest definitions.
-
The updated definitions are only provided to the latest LanGuard version. If you are still using the older version - Upgrade the GFI LanGuard. After the upgrade, make sure that the Agents are deployed.
-
Environmental changes may be preventing LanGuard from automatically downloading the latest patch detection and vulnerability definitions. Follow the Updating LanGuard Server Manually When Product Does Not Get Latest Definitions or Agents Do Not Update article to ensure you have the most recent definitions.
- Agents should automatically update when they start any scan. You can manually initiate an agent scan by right-clicking on the target machine or group of computers in the Computer Tree and selecting Scan > Refresh information now. The success can be verified by navigating to Activity monitor -> Progam updates and checking the Agent updates tab. Agent updates need to be showing as successful for the affected target clients. If not, Fix LanGuard Agent Failed Updates.
2. Ensure that scans are completing without errors.
Errors during a scan lead to incomplete scan results and no new findings to remediate. Check the scan details in the LanGuard console Activity Monitor. Refer to our Resolving Errors Leading to GFI LanGuard Scans Failing or Not Completing all the Operations article to address all the errors encountered.
If you cannot find scan results in the Activity Monitor, it may be the result of failing communications. In such cases, Verify Required Network Connectivity and Security Permissions.
3. Verify the health of the backend scan results database.
All scan results are saved to the GFI LanGuard database (default name LNSSScanresults12), and LanGuard uses this data to determine what patches are missing and should be remediated. If there are problems with the database, the results would be unreliable and may not trigger automatic remediation.
For example, if the 'Could not get the DB connection' error is encounters, or the SQL Express database has reached its maximum capacity, scan results just won't be saved for the LanGuard to analyze them. Follow the Maintain the Scan Results Database article to ensure that the backend database is in good shape.
In some cases, it may be necessary to create a new database and add a test machine to scan to see if this is a database issue.
4. Configure Patch Auto-Deployment.
Auto-Remediation wouldn't apply Microsoft patches if they are not auto/manually approved. You can follow our KB article Configuring Patch Auto-Deployment in GFI LanGuard for Missing Updates.
5. Check the Scanning Profile being used.
If you are using a custom scanning profile, make sure that you turned on the patches scanning options there.
6. LanGuard installation may be corrupted due to Real-time protection engines
Real-time protection engines can affect the LanGuard server installation. If antivirus was running when LanGuard was installed or upgraded, there is a high probability that certain .dll files were corrupted during the installation. In such cases, it is recommended to reinstall the LanGuard server, strictly ensuring all the requirements and following the installation steps.
Testing
Once the root cause is identified and fixed, repeat the scanning operation and check in the Activity Monitor that there are missing patches to deploy and if automatic remediation was triggered after the scan. If the issue persists, contact GFI LanGuard Support.