Autoclose Vulnerable items on Retired CIs

AndrewP · ‎02-24-2022

We just upgraded to VR version 15, where autoclose retired CIs is a checkbox, which we have checked. However, we changed some CIs to retired state and their vulnerable items have not closed after multiple days. Is there somewhere in VR we can look to show why this feature is not working?

Thanks,

Andrew

Shivam Sarawagi · ‎02-24-2022

Hi,

Which column in cmdb you using to mark asset retired?

Thanks,

Shivam

Sulabh Garg · ‎02-25-2022

Hello Andrew,

I believe you are following the below procedure/configuration steps

Configuration steps-

Navigate to Vulnerability Response > Auto-Close Configuration > Configuration Item Lifecycle.
To automatically close vulnerable items associated with the retired CIs, select the Auto-close VIs linked to retired CIs check box.
Select Update.

Note: If a CI is already retired before the Auto-close VIs linked to retired CIs option is enabled, VIs are created only for new detections from scanners. The state of these VIs is Closed and the substate is CI Decommissioned.
You cannot reopen VIs whose state is CI decommissioned, using the Reopen or Bulk Edit options.

For more info, Please see this Automatically close vulnerable items related to retired CIs

Please Mark ✅ Correct/helpful, if applicable, Thanks!!

Regards

Sulabh Garg

Please Mark ✅ Correct/helpful, if applicable, Thanks!!
Regards
Sulabh Garg

Sulabh Garg · ‎02-25-2022

Also please check this scheduled job which runs on daily basis.

Please Mark ✅ Correct/helpful, if applicable, Thanks!!
Regards
Sulabh Garg

AndrewP · ‎02-25-2022

Hello Shivam and Shulabh,

We have followed those steps. I am not sure how to find that scheduled script execution, is there an easy way to find that location? I will attach a screenshot of what we did.

Thanks,

Andrew