hey Experts -
This is regarding Certificate Inventory management. I am trying to create an Incident through Event management - however when i am getting events there is no distinguishing filter to determine if that certificate is Self signed or External. The consultants are suggesting to do scripting to get the self signed or external. However i am wondering this information should be there in the certificates that discovery should discover in first place. Please suggest a best way to avoid this scripting.. Thank you!!! (the concealed part is alpha numeric fingerprint)
Hi Ashi,
This should do the trick - copied the ootb Create Incident flow, and added a "Look Up Records" action to find a certificate which matches the sysid of the CI on the alert and is self-signed.
The if condition on the next step checks if the Count returned by the Look Up Records action is greater than 0. If yes, then it means the certificate was found and it is a self-signed cert, so the flow is stopped.
Hi Ashi,
This should do the trick - copied the ootb Create Incident flow, and added a "Look Up Records" action to find a certificate which matches the sysid of the CI on the alert and is self-signed.
The if condition on the next step checks if the Count returned by the Look Up Records action is greater than 0. If yes, then it means the certificate was found and it is a self-signed cert, so the flow is stopped.
