Autoclose Vulnerable items on Retired CIs
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-24-2022 04:57 PM
We just upgraded to VR version 15, where autoclose retired CIs is a checkbox, which we have checked. However, we changed some CIs to retired state and their vulnerable items have not closed after multiple days. Is there somewhere in VR we can look to show why this feature is not working?
Thanks,
Andrew
- Labels:
-
Vulnerability Response

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-26-2022 06:29 AM
Hi,
So the full story for Automatically close vulnerable items related to retired CIs is as follows:
These features utilized the new CSDM Life Cycle. These new life cycles rely on the "Life Cycle Stage Status" and "Life Cycle Stage" fields. For this to work they need to be set to Retired and End of Life:
Take a look at:
- The Reference Qualifier on "Life Cycle Stage Status"
- The Scheduled Job "Close detections/VIs for decommissioned CIs"
- The Business Rules on CMDB_CI "Update discovered items on CI retired"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-01-2022 09:06 AM
Thanks Chris,
Since we do not utilize these fields in our CMDB (we only use CI Status), I guess we will have to customize something to autoclose.. We are moving towards San Diego at some point this year, so maybe that will change
Andrew
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2022 08:13 AM
This needs to be in the main documentation (or at least called out better) because we overlooked the 'life cycle stage status=retired' portion of the first sentence. Our CMDB uses 'Status=Retired' in order to retire out a CI, and these features have not been working. Thank you for updating this community article, but these things should be made visible in the documentation, rather than here.
As to how this works, it's also problematic. Multi selector field types are not updatable from a list view. You can only do them from each CI field form, one at a time, or through scripting. This negates a lot of the value from our perspective because CI management is difficult to manage at scale in ServiceNow. It would be better to be a choice list in a drop down.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2023 12:48 PM
This post has a good description of what needs to be in place for this feature to work: https://www.servicenow.com/community/secops-forum/behavior-of-auto-close-vi-on-retired-ci-within-vr-...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2025 03:28 PM
This release may have provide a solution to use non CSDM lifecycle stage field.
Vulnerability Response release notes - Version 26.0.11 - May 2025
Vulnerability Response release notes
Improved accuracy for non-CSDM Vulnerability Response users: A system property (sn_sec_cmn.ci_lifecycle_status_source) has been introduced to help users who do not follow Common Service Data Model (CSDM) standards. This property ensures that DIs and associated VITs are properly marked as Decommissioned and are excluded from the CI Lookup. Additionally, the Retired Configuration Items PA indicator has been updated to accurately reflect CIs based on the decommissioning flags.