CMDB archive rule

Bcrant · ‎08-12-2022

Morning, all.

We stumbled across an issue while doing some data reconciliation that has raised concerns and I'm hoping someone has more insight to the issue. In our TEST instance only, the OOB "archive configuration items" rule was triggered earlier this year but there's not audit on who triggered it. As I understand it, the table is limited to field audits. Anyways, we believe these archived tables have been causing some conflicts with record inserts and updates. I'm wondering if you all might have suggestions on ways to dive deeper into how the rule was triggered? History detail shows last updated as 4/2/21 by the system admin account but the rule was triggered in April of this year, based on archive run start times. I'm currently the only admin at our organization and use my own account (have since day 1). We've had a number of vendors in our system with admin roles but they also login with their own accounts and do not have access to login credentials.

This may be a reach but figured I'd put it out here to see if anyone has any thoughts.

Thanks!

Mark Manders · ‎08-12-2022

Probably not, but is there any login available from that day? Did you have any updates planned for that day (patches/upgrades)?

If my answer helped you in any way, please then mark it as helpful. If it resolved the issue, please mark it as correct.

Mark

Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Bcrant · ‎08-12-2022

@Mark Manders We did have a patch scheduled for 4/1/22 for TEST but it was canceled by ServiceNow and applied a few days later. I'll check the login audit (good suggestion).

Bcrant · ‎08-12-2022

Squashed... last login for that account was our go-live day. May have been able to cross check a login against our pw db to see who retrieved the pw. Such an unusual issue.