It happens as TSSA is checking all rpms in the include list including all versions available for given rpm even if not installed in the server.

RFE has been created to parse only installed RPMs to reduce the time spent in running analysis.

As Workaround customer can switch in Include Exclude Options from default "By Complete Package Name" for "By Package Name Only"



The option above will lead to a significant improvement in performance. However, if even after using this if the job runs longer then please check if number of patches in the include/exclude list can be decreased.

For ex - If an include list is used where RPM_BUILD_DATE is less than 60 days then add a condition such as RPM_BUILD_DATE is after Just 2019 or whatever the lower limit is selected.
The idea is to reduce the list of RPMs in the include list which can lead to significant delay in the Patch Analysis.



In TSSA 21.3 and onwards, BMC has introduced a new enhancement to scan only for security patches.

please refer the video below for details :



Refer the  document for details.



See also: Best answers and resolutions to the most common questions on Truesight Server Automation (TSSA) Redhat Enterprise Linux Patching