Skip to main content

Docker Success Center

The Docker enterprise customer portal.

Docker, Inc.

DTR warning "Cannot perform security scans because no vulnerability database was found"

The warning message Cannot perform security scans because no vulnerability database was found.  is not expected during normal operations. Some systems will generate this warning when Security Scanning is first enabled, or if it is enabled in Offline mode, but the vulnerability database has not yet been uploaded. The warning is expected to go away once the database is first loaded into DTR.

If you see this warning during normal operations, and DTR has successfully scanned images in the past, to troubleshoot this problem in more depth, it is helpful to obtain a set of logs (with timestamps) for the container that's performing the scanning. That will require a combination of UI actions and a fairly simple command run on one of the nodes.

  1. Go to UCP -> Resources -> Containers.
  2. In the search box in the upper right hand, enter dtr-scanning . This should isolate the dtr-scanningstore container.
  3. Note the node where the container is running (under the Node column).
  4. Log into that node using an account that can run the docker CLI.
  5. Run the following command:
    docker ps | grep scanning
    This should provide a container ID and confirm the container is actually running on that node.
  6. Run the following command:
    docker logs -t [container_id] > /var/tmp/scanning.log.txt
    replacing the [container_id] with the ID you found. A sample command would look like this:
    # docker logs -t 3f53fb440398 > /var/tmp/scanning.log.txt

The resulting log file will help determine if there's anything unexpected going on with the scanning database.

  • Was this article helpful?