Is there a way to exclude IP address from being scanned by any Schedule even Quick Discovery

Curtis_Myers
Tera Expert

We have multiple IP addresses located in multiple ranges that we are wanting to be excluded from being scanned by any schedule and if possibly even Quick Discovery, is this possible?

1 ACCEPTED SOLUTION

bernyalvarado
Mega Sage

Hi Curtis,



A little bit of a customization will be require to prevent a quick discovery or any discovery to take place over an IP that's within an exclusion list.



1- You will first need to define where do you want to store your exclusion list. You can choose to use the OOB table or you may want to create your own


2- You will need to modify the logic that executes the Discovery. Both, quick discovery and discovery schedules rely on the core script include Discovery to execute its discovery routines. You need to be careful and very much aware of what's you're doing when you're taking ownership of this script include since upgrades from ServiceNow over this script will be skipped, so you better make sure the review and required merges for each upgrade are done as needed. You may also want to choose to only affect the logic that involves the Quick Discovery, if so, you could choose to modify the UI page quick_discovery and/or script include DiscoveryAjax. Still, the same warning in regards taking ownership of the script applies.



Thanks,


Berny


View solution in original post

8 REPLIES 8

sachin_namjoshi
Kilo Patron
Kilo Patron

Yes, this is possible OOB with discovery schedule.



Exclude IP addresses



Regards,


Sachin


This is the correct answer, but won't prevent an excluded IP being used in a Quick Discovery.



Edit: by any schedule, no.   You either have to go to each discovery schedule which contains that IP in its range and add the exclusion, or on the exclusion table create entries which relate to the correct parent.


adilrathore
ServiceNow Employee
ServiceNow Employee

In case certain IP's/IP ranges are critical and need to be barred from scanning you can request your internal security/firewall team to block discovery access.


bernyalvarado
Mega Sage

Hi Curtis,



A little bit of a customization will be require to prevent a quick discovery or any discovery to take place over an IP that's within an exclusion list.



1- You will first need to define where do you want to store your exclusion list. You can choose to use the OOB table or you may want to create your own


2- You will need to modify the logic that executes the Discovery. Both, quick discovery and discovery schedules rely on the core script include Discovery to execute its discovery routines. You need to be careful and very much aware of what's you're doing when you're taking ownership of this script include since upgrades from ServiceNow over this script will be skipped, so you better make sure the review and required merges for each upgrade are done as needed. You may also want to choose to only affect the logic that involves the Quick Discovery, if so, you could choose to modify the UI page quick_discovery and/or script include DiscoveryAjax. Still, the same warning in regards taking ownership of the script applies.



Thanks,


Berny