Bug 1973802 - Satellite API applicable_errata endpoint does not report applicable_hosts or affected_hosts_count correctly
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Errata Management
Version: 6.9.0
Hardware: x86_64
OS: Linux
Priority: high
Severity: medium
Target Milestone: Unspecified
Assignee: satellite6-bugs
QA Contact: addubey
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2021-06-18 17:47 UTC by Jason Dickerson
Modified: 2022-08-05 20:44 UTC (History)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-08-05 20:44:45 UTC
Target Upstream Version:
Embargoed:


Attachments
directory including an Ansible playbook to demonstrate the issue by generating just the necessary output. (16.80 KB, application/x-xz)
2021-06-18 17:47 UTC, Jason Dickerson

Description Jason Dickerson 2021-06-18 17:47:15 UTC
Created attachment 1792135
directory including an Ansible playbook to demonstrate the issue by generating just the necessary output.

Description of problem:
When querying the Satellite API for applicable errata, the returned number of affected hosts per errata is always 0, and the list of applicable hosts is empty.  

Version-Release number of selected component (if applicable):
Satellite 6.9.2

How reproducible:
Consistently.  

Steps to Reproduce:
1.  Download the attached file errata_query.txz
2.  Run the playbook against a Satellite whose hosts have applicable Security Errata
3.  See the output of the last task

Actual results:
The affected_hosts_count is 0 and the applicable_hosts list is empty

Expected results:
These should have actual values in them.  

Additional info:
This playbook queries for applicable errata for each host one at a time; however you get the same result if you query all applicable errata for all hosts at once.  I had to perform the query one host at a time, in order to see what errata applied to what host.  

You can see my output in the file playbook_output.txt included in errata_query.txz.  

In services we often have customers asking why their vulnerability scanner of choice reports so many false positives for Red Hat Products.  My intent with this playbook was to provide a way for the Security Scanning teams to consume Errata information from Satellite, and incorporate it into the Security Vulnerability reporting workflow.  This would be a lot easier if the affected_hosts_count and applicable_hosts fields reported correctly and I could query the API for all the Errata at once.

Thanks,

Comment 1 Ian Ballou 2022-08-05 20:44:45 UTC
I cannot reproduce this on Satellite 6.9.9:

[vagrant@sat-6-9-qa-rhel7-2 ~]$ curl -X POST -H 'Content-Type: application/json' -d '{"included":{"search":"name ~ rhel"}}' -u username:password https://`hostname`/api/hosts/bulk/applicable_errata
{"total":1,"subtotal":1,"page":1,"per_page":20,"error":null,"search":null,"sort":{"by":"updated","order":"desc"},"results":[{"id":3,"pulp_id":"b14e91ec-7b12-4fa4-be50-0822f9fdd543","title":"Sea_Erratum","errata_id":"RHEA-2012:0055","issued":"2012-01-27","updated":"2012-01-27","severity":"","description":"Sea_Erratum","solution":"","summary":"","reboot_suggested":false,"uuid":"b14e91ec-7b12-4fa4-be50-0822f9fdd543","name":"Sea_Erratum","type":"security","cves":[],"bugs":[],"packages":["penguin-0.9.1-1.noarch","shark-0.1-1.noarch","walrus-5.21-1.noarch"],"module_streams":[],"applicable_hosts":[{"name":"rhel8.cannolo.example.com","id":2}],"affected_hosts_count":1}]}

Closing out the issue as such.  Please reopen this BZ if you're still able to reproduce the problem on the latest Satellite 6.9 version.
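
The following is an added example, not part of the original report or of Satellite's own code: it turns a bulk applicable_errata response into a per-host errata list for a vulnerability-reporting workflow and flags errata that show the symptom described in this bug. The sample response is constructed from the shape shown in comment 1; the second erratum (EXAMPLE-0000:0001) and the function name index_errata are hypothetical.

```python
import json
from collections import defaultdict

# Constructed sample, trimmed to the fields used here. The first result
# mirrors comment 1; the second is hypothetical and reproduces the reported
# symptom (affected_hosts_count 0, empty applicable_hosts).
SAMPLE = json.loads("""
{"total": 2, "subtotal": 2, "results": [
  {"errata_id": "RHEA-2012:0055", "type": "security", "cves": [],
   "applicable_hosts": [{"name": "rhel8.cannolo.example.com", "id": 2}],
   "affected_hosts_count": 1},
  {"errata_id": "EXAMPLE-0000:0001", "type": "security", "cves": [],
   "applicable_hosts": [], "affected_hosts_count": 0}
]}
""")


def index_errata(response, errata_type="security"):
    """Return (host name -> sorted errata ids, errata ids lacking host data)."""
    by_host = defaultdict(set)
    suspect = []
    for erratum in response.get("results", []):
        if errata_type and erratum.get("type") != errata_type:
            continue
        eid = erratum["errata_id"]
        hosts = erratum.get("applicable_hosts") or []
        count = erratum.get("affected_hosts_count") or 0
        # An erratum returned by an applicable-errata query should name at
        # least one host. A zero count or an empty list is the symptom from
        # this bug, so report it instead of silently treating it as "no
        # hosts affected".
        if not hosts or count == 0:
            suspect.append(eid)
        for host in hosts:
            by_host[host["name"]].add(eid)
    return {h: sorted(ids) for h, ids in by_host.items()}, suspect


if __name__ == "__main__":
    hosts, suspect = index_errata(SAMPLE)
    for name, ids in sorted(hosts.items()):
        print(name, ", ".join(ids))
    if suspect:
        print("errata with no host data (verify before trusting):", suspect)
```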

