How to configure SLAs for Vulnerability group?

Devi12
Giga Guru

‎09-14-2022 11:32 PM

Hi,

I have a requirement to configure SLAs for Vulnerable groups. Currently we are using remediation target rules, which are counting calendar days not business days. For this reason we wanted to switch to SLAs for remediation. But while I am creating an SLA, it is not attaching to the Vulnerabilities even if these vulnerabilities satisfies the condition in SLA. So, from task_sla table I have created a record, there I got an option to select the only one vulnerability. But we want to attach the SLA to bulk of vulnerabilities which satisfies the condition. 

Below is the SLA I have created:

find_real_file.png

In above fig. even if I selected Risk rating as 2-High, it is not attaching to Vul. groups which are having risk rating 2.

Below is the screenshot of sla_task record, where I get the option to attach SLA:

find_real_file.png

Preview file
86 KB
Preview file
98 KB
0 Helpfuls
  • 1,112 Views
4 REPLIES 4

Mark Manders
Mega Patron

‎09-14-2022 11:41 PM

Looking at your definition: you don't have any start conditions, so that's probably why they aren't triggered. And I'm not sure what you are doing with the task_sla record, because that's the record that should be created automatically and the 'task' field is something you shouldn't touch.

Can you add start conditions and check if it works then?

If my answer helped you in any way, please then mark it as helpful. If it resolved the issue, please mark it as correct. This way others will find it in the solved queue and helps them on similar queries.

Mark


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
0 Helpfuls

Devi12
Giga Guru
In response to Mark Manders

‎09-14-2022 11:54 PM

I have given start condition, then also SLA is not attaching to Vul.group. You can see the configuration in attachment.

 

Preview file
92 KB
0 Helpfuls

Mark Manders
Mega Patron
In response to Devi12

‎09-15-2022 01:32 AM

That's strange. It should work like this. Just to be sure: did you create a new one on Risk rating '5' or change the Risk rating to '5' on an existing one? The start condition needs to be triggered. If that still doesn't work: log a ticket with NowSupport, because everything is configured correctly as far as I can see.

 


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Devi12
Giga Guru
In response to Mark Manders

‎09-15-2022 02:04 AM

Thanks Mark for your reply. After the schedule job ran, new Vul.groups were updated.Now I can see SLA attached

0 Helpfuls