Scan Fails Due to Target or Resource Constraints

This article explains how to diagnose and resolve scan failures caused by target availability issues, system resource limitations, or execution failures during Secure Baseline scans and Internal Authenticated Vulnerability scans.

Symptoms

• Scan target fails or is skipped

• Scan does not complete successfully

• Scan terminates before completion

• One or more of the following errors appear:

  • Scan Target Timeout

  • Not Enough Memory

  • Missing Java Files

  • Inaccessible OVAL File

  • No ARF File

Error Types and Applicable Scan Types

Common Causes

• Target machine is offline or not checking in at scan time

• Insufficient system memory on the scanning agent

• Java files required for scanning are blocked or unavailable

• Network connectivity issues prevent access to vulnerability databases

• Insufficient disk space on the target machine

• PowerShell execution failures during scan execution

• Scan execution interrupted due to timeouts or I/O errors

Diagnostic Steps

Follow the steps below in order. Do not skip steps.

1. Verify Target Availability

(Scan Target Timeout)

Applies to: Secure Baseline scans, Internal Authenticated Vulnerability scans

What to check

• Confirm the target machine is powered on

• Ensure the machine is connected to the network

• Verify the target is checking in with Cyrisma

If the target is offline during scan execution, the scan may time out or be skipped.

2. Check System Memory Availability

(Not Enough Memory)

Applies to: Internal Authenticated Vulnerability scans

What to check

• Ensure at least 1024 MB (1 GB) of available memory is present on the scanning agent

Insufficient memory can cause the scan to terminate before completion.

3. Verify Java File Availability

(Missing Java Files)

Applies to: Internal Authenticated Vulnerability scans, Secure Baseline scans

What to check

• Confirm Java files were successfully deployed by the agent

• Review endpoint protection or EDR controls that may block Java deployment

If Java files are blocked, scanning cannot proceed.

4. Check Network Connectivity and Disk Space

(Inaccessible OVAL File)

Applies to: Internal Authenticated Vulnerability scans

What to check

• Ensure stable network connectivity during the scan

• Confirm sufficient disk space is available on the target machine

If the vulnerability database cannot be accessed or downloaded, the scan will fail.

5. Diagnose “No ARF File” Errors

(No ARF File)

Applies to: Internal Authenticated Vulnerability scans

The ARF (Asset Reporting Format) file contains the results of the vulnerability scan. If it is missing, the scan did not complete successfully.

Confirmed causes

• PowerShell startup delays

• PowerShell timeouts

• I/O exceptions during scan execution

• Corrupted or misconfigured PowerShell environments

What to check

• Verify PowerShell launches successfully on the target machine

• Confirm PowerShell commands execute without delay or error

Failures during scan execution prevent ARF file creation.

Resolution

Most scan failures caused by target or resource constraints are resolved by one or more of the following actions:

• Ensuring targets are online and reachable during scans

• Verifying at least 1 GB of available memory on the scanning agent

• Allowing Java file deployment by endpoint protection controls

• Ensuring stable network connectivity during scan execution

• Confirming sufficient disk space on the target machine

• Restoring normal PowerShell functionality on affected systems

After corrective actions are taken, rerun the scan and confirm successful completion.

When to Contact Support

Contact Cyrisma Support if:

• Scan failures persist after completing all diagnostic steps

• The same errors recur across multiple targets with similar configurations

• Logs indicate repeated execution or resource-related failures

Provide:

• Scan type (Secure Baseline or Internal Authenticated Vulnerability)

• Scan name

• Affected target machines

• Relevant scan or agent logs

• Summary of troubleshooting steps already completed