Skip to content
  • There are no suggestions because the search field is empty.

What do the different scan statuses mean?

A network or web application scan can result in one of the following scan statuses: 

  • Stopped
    The scan is not running. A manual action from a user typically triggers this. 
  • Paused
    The scan is paused. This can be a user-triggered action or occur when the vulnerability feed is applied to the scan node. Note: network scans can only be paused for up to 2 hours.
  • Requested
    The scan is currently queued.
  • Running
    The scan is in progress. If you believe your scan is not progressing, read this article.
  • Finished
    It's been completed without any errors.
  • Finished with a warning
    The scan was completed, but with additional information, such as the inability to find any active hosts. You can read more about this warning status here. Equally, the web app scan's maximum run time of 24 hours was exceeded, and the scan was terminated before it could finish. Read more about how to fix this here.
  • Error
    The scan couldn't be completed successfully because it encountered a severe issue that prevented it from executing and collecting the scan results. You can read more about this error status here.
  • Throttling
    When a requested scan is in the Throttling state for too long and exceeds a limit, the status changes to "Error: Scan couldn't be started due to the license limit."