"scenario create error" occurs when the following two matched rate is low.
- Response information acquired when proxy log is recorded
- Response information acquired when the "scanning setting validation" is carried out
"Scanning setting validation" is the signature to confirm that the scanning setting has been correctly done by making an access to a scanning target without including a payload.
This is automatically carried out at the beggining/end and every 200 times of scan.
The possible factors for "scenario create error" are described below.
(1) Since a scan scenario is continuously executed to a server, the server is unable to handle the process well and a normal response is not returned.
(2) Response differs because the data required for screen display has been modified due to the data update and deletion.
(3) As the time has passed, the date/time, session ID, token, etc., which were sent during logging, has become unable to be entered on the system anymore at the time of scanning.
To prevent "scenario create error", Please try the following procedures.
1. "scenario create error" may be reduced by reducing the scanning target server load by setting a Wait value for a scan.
2. Doing following measures.
- Review scanning settings (especially parameter handover) of using Handler and etc
- Record a log again and conduct a scan.
- Restore data required for screen display
→ The scenario recreate error will be resolved by restoring the values when the data can be restored by operating the target systems.
- Review the scanning scenario by such as modifing the order of screen transitions
→ If the data modification causing the scenario recreate error has been done accompanied by a scan for the screen where scenario recreate error occured, It might need to reconsider the scenario In addition to the above.
【Example of scenario reconsideration】
To scan the following "deletion process" that is processed only once per data;
Login screen - Login process-Delete confirmation screen - Delete process
→ In the above transition, the process is conducted only once, so it needs to check the scenario and edit the transition as follows;
Login screen - Login process - Input screen - Registration process - Deletion confirmation screen - Deletion process
* Specifically, handover the value so that the data registered in the Registration proces is to be deleted in the Deletion process.
Applying the above scenario, data required for deletion is created for each scan, which enables repeating of scans.
3. It is necessary to set a valid value in the handover settings.
It is necessary to make a handover setting to handover the correct value, including the issue process of the value that caused the error in Pre processor.