ServiceNow – Exclude Virtual Machines from Intune Integration (ETL / Transform Map)

Scope
You want to prevent any Virtual Machine (VM) devices from being inserted/updated in CMDB via the Intune integration, specifically by using ETL/Transform Map logic.

Approaches (from most to least preferred within ETL layer)
1) Transform Map onBefore Script → skip records (ignore=true)
2) Transform Map Row Transform Script (per-row) → conditional skip
3) Field Map script to sanitize (not recommended for skip)
4) ETL (IntegrationHub ETL) Filter/Where clause before Transform (preferred if using ETL graph)

Key Idea
At transform time, identify VM characteristics in the Intune payload (import set table) and set `ignore = true;` to skip the row. This prevents VM CIs from being created/updated.

Typical VM Identifiers in Intune Payload
- model contains: "Virtual", "VMware", "Hyper-V", "KVM", "Virtual Machine"
- manufacturer contains: "VMware", "Microsoft Corporation" (with model indicating Hyper-V), "QEMU"
- deviceCategory: may reflect virtual category if used
- operatingSystem / deviceName patterns: optional heuristics

A) Transform Map – onBefore Script (recommended, simple)
Location: System Import Sets → Transform Maps → your Intune → CMDB map → Script (onBefore)

Example:
(function transformEntry(source, target, map, log, isUpdate) {
// Normalize to lower-case strings for safe checks
function lc(v) { return (v + '').toLowerCase(); }
var model = lc(source.model);
var mfg = lc(source.manufacturer);
var name = lc(source.deviceName || source.device_name || source.displayName);

// Heuristics for VMs; tune as needed
var vmHints = [
model.indexOf('virtual') > -1,
model.indexOf('vmware') > -1,
model.indexOf('hyper-v') > -1,
mfg.indexOf('vmware') > -1,
mfg.indexOf('qemu') > -1,
mfg.indexOf('kvm') > -1
];

if (vmHints.indexOf(true) > -1) {
ignore = true; // Skip this row entirely
log.info('Intune ETL: skipped VM record: model=' + source.model + ', mfg=' + source.manufacturer + ', name=' + name);
}
})(source, target, map, log, action === 'update');

Notes:
- Replace source.field names with the actual column names in your import set (use Transform Map → Auto map to see source fields).
- `ignore = true;` prevents insert/update for that row.

B) Transform Map – Row Transform Script (per-row script)
Location: Transform Map → "Scripts" related list → New Script (Run on: Each row)
Example:
(function runTransformScript(source, target, map, log, action) {
var model = (source.model + '').toLowerCase();
var mfg = (source.manufacturer + '').toLowerCase();
if (model.indexOf('virtual') > -1 || model.indexOf('vmware') > -1 || mfg.indexOf('hyper-v') > -1) {
ignore = true;
log.info('Intune ETL: skipped VM via Row Script. model=' + source.model + ', manufacturer=' + source.manufacturer);
}
})(source, target, map, log, action);

C) IntegrationHub ETL – Filter the dataset before transform (if using ETL Designer)
If you built the Intune pipeline with IntegrationHub ETL (Data Stream → Prepare → Load):
- Open your ETL definition
- In the "Prepare" stage, add a Filter node (or a Where clause) to exclude VMs:
• model does not contain "Virtual"
• manufacturer does not contain "VMware"
• model does not contain "Hyper-V"
- This keeps VMs out of the transform entirely (best for performance).

D) Additional Hardening (optional)
- Add a safeguard Business Rule on cmdb_ci_computer to prevent insert of obvious VMs from Intune source:
Table: cmdb_ci_computer (before insert)
Condition: source = 'Intune' (or your discovery_source)
Script: if (current.model.toString().match(/virtual|vmware|hyper-v/i)) current.setAbortAction(true);

- Maintain an allowlist (e.g., u_allow_virtual=true) if you have legitimate VDI devices you want to keep.

Validation Checklist
1) Confirm your import set table column names (e.g., u_model, u_manufacturer, displayName).
2) Run a test transform with “Test transform” and inspect the transform log → ensure rows are skipped.
3) Check Transform History: Ignored count should reflect skipped VMs.
4) Verify no new VM CIs are created or updated in cmdb_ci_computer after the change.

Troubleshooting
- No rows skipped: the source column names don’t match; log the entire source JSON to confirm: log.info(JSON.stringify(source));
- Still seeing VMs: are they coming via another source (SCCM/Azure/Discovery)? Align reconciliation and filters across sources.
- Coalesce issues: If coalesce keys match an existing CI, your skip must occur BEFORE update. Ensure you use onBefore or a row script that sets ignore=true before the write.

Best Practice Order of Operations
1) Prefer filtering at the source (Graph API OData filter) to reduce volume (outside ETL).
2) Otherwise, filter in ETL “Prepare” stage.
3) Otherwise, use Transform Map onBefore/Row script (shown above).
4) As a last resort, run a cleanup job post-import.

TL;DR
Yes—use a Transform Map onBefore (or per-row) script to set `ignore = true` when model/manufacturer indicate a VM. If using IntegrationHub ETL, add a Filter node in the Prepare stage. Validate with Transform History and logs.

ServiceNow – Exclude Virtual Machines from Intune Integration (ETL / Transform Map)

Goal
Prevent Virtual Machine (VM) devices from being inserted/updated in CMDB via the Intune integration, using IntegrationHub ETL and/or classic Transform Maps.

Key Approaches
1) Filter VMs before transform (IntegrationHub ETL “Prepare” stage) ← Best for performance
2) Skip rows during Transform Map (onBefore or Row Transform script) ← Simple & effective
3) Safeguard at CMDB layer (optional Business Rule) ← Last-resort safety net

Typical VM Identifiers in Intune Payload
- model contains: "Virtual", "VMware", "Hyper-V", "KVM", "Virtual Machine"
- manufacturer contains: "VMware", "Microsoft Corporation" (for Hyper‑V), "QEMU", "Parallels"
- deviceCategory / enrollmentProfile naming (if you tag VMs upstream)
- operatingSystem or deviceName patterns (heuristic)

A) IntegrationHub ETL – Filter in “Prepare” (Preferred)
If your Intune pipeline is built with IH ETL (Data Stream → Prepare → Load):
1. Open your ETL Definition (the Intune pipeline).
2. In **Prepare**, add a **Filter** node to exclude VMs, e.g.:
- model does not contain "virtual"
- AND model does not contain "vmware"
- AND model does not contain "hyper-v"
- AND manufacturer does not contain "vmware"
- AND manufacturer does not contain "qemu"
3. (Optional) Use a **Map** node to normalize manufacturer/model case first.
4. Save & run. This prevents VM rows from ever reaching Transform/Load.

B) Transform Map – onBefore Script (Simple & Fast)
System Import Sets → Transform Maps → your Intune map → **onBefore** Script:
(function transformEntry(source, target, map, log, isUpdate) {
function lc(v) { return (v + '').toLowerCase(); }
var model = lc(source.model || source.u_model || '');
var mfg = lc(source.manufacturer || source.u_manufacturer || '');
var name = lc(source.deviceName || source.device_name || source.displayName || '');

var isVM = false;
if (model.indexOf('virtual') > -1 || model.indexOf('vmware') > -1 || model.indexOf('hyper-v') > -1) isVM = true;
if (mfg.indexOf('vmware') > -1 || mfg.indexOf('qemu') > -1 || mfg.indexOf('kvm') > -1 || mfg.indexOf('parallels') > -1) isVM = true;

if (isVM) {
ignore = true; // Skip this row entirely (no insert/update)
log.info('Intune ETL: Skipped VM model=' + (source.model||'') + ', mfg=' + (source.manufacturer||'') + ', name=' + (name||''));
}
})(source, target, map, log, action === 'update');

Notes
- Replace source field names with actual import-set columns (check your Data Source preview). Common: displayName, model, manufacturer.
- `ignore = true` prevents both insert and update for the row.
- Keep the script lightweight; avoid extra queries for performance.

C) Transform Map – Row Transform Script (Alternative)
Transform Map → Scripts (Run on: Each row):
(function runTransformScript(source, target, map, log, action) {
var model = (source.model + '').toLowerCase();
var mfg = (source.manufacturer + '').toLowerCase();
if (model.indexOf('virtual') > -1 || model.indexOf('vmware') > -1 || mfg.indexOf('hyper-v') > -1) {
ignore = true;
log.info('Intune ETL: Skipped VM via Row Script. model=' + source.model + ', mfg=' + source.manufacturer);
}
})(source, target, map, log, action);

D) CMDB Safeguard (Optional)
If you want a final safety net in case different pipelines feed VMs:
- **Before Insert/Update Business Rule** on `cmdb_ci_computer`:
if (current.discovery_source == 'Intune' && /virtual|vmware|hyper-v/i.test(current.model + ' ' + current.manufacturer)) {
current.setAbortAction(true); // or move to archive table
}
Use cautiously to avoid blocking legitimate VDI/virtual desktop records you may want.

Validation Checklist
1) Confirm import-set field names (e.g., displayName, model, manufacturer) – adjust scripts accordingly.
2) Run a **Test load** (Data Source) and **Test transform**; check Transform History → Ignored count increases for VMs.
3) Verify CMDB: no new VM CIs from Intune afterward.
4) Check other sources (SCCM, Discovery, Azure) to ensure duplicates aren’t reintroduced; align reconciliation rules.

Troubleshooting
- No rows skipped: inspect source via `log.info(JSON.stringify(source))` (temporarily).
- Different MID/connection in prod vs test: ensure both pipelines see the same columns.
- Coalesce keys: ensure skip happens **before** update; use onBefore or row script, not after.
- ETL cache: re-publish ETL and clear dataset cache if filtering changes aren’t reflected.

Best Practice Order
1) Filter out VMs at the **source/ETL Prepare** layer.
2) Otherwise, use **Transform Map onBefore** (skip rows with `ignore = true`).
3) Add CMDB safeguard only if needed for defense-in-depth.

TL;DR
Yes—exclude VMs by filtering in the ETL Prepare stage or, in a classic Transform Map, set `ignore = true` when model/manufacturer indicate virtualization. Validate with Transform History and CMDB checks to ensure VMs no longer flow in from Intune.