Azure SGC - Filter Out Generic Resource data to be ingested into the CMDB

Ivonne Nirich · yesterday

Hi Team,

I have a use case where my customer is using the Azure SGC.

When the Azure SGC is collecting data, under the SGC-Azure Generic Resources, there are many Resource Types that my customer wants to filter out because the data is not needed.

The information is allocated on the cmdb_ci_cmp_resource table, and the resource types are varied, and increasing.

Question:

Is there an OOB method to filter the information that is ingested into the CMDB under the Generic Resources?
If there isn't an OOB solution, what customization would you recommend to restrict the incoming data from the Azure-SGC under the Generic Resource into the CMDB?

Any comment, idea, or suggestion is welcome!

Kind regards,

Ivonne

Kieran Anson · 3 hours ago

Hi,

you have a couple of options. Access can be restricted in Azure itself. The 'reader' role that is likely already granted provides broad access. The clients Azure administration team could create a new RBAC permission that limits resource access.

Within ServiceNow, as the script includes are read only, you'd need to filter the data in the SG-Azure Generic Resources before script, setting the processing to 'SKIPPED'. The before script, script field provides example code on how to process each entity