Automatic Assignment of Support Groups based on Business Service associate with CI

Imran Minhas
Kilo Contributor

Hello Folks, 

My very first post on the platform, a fairly new person to ServiceNow; especially when it is about something that is not out-the-box. 

I have a request where the customer wants to have the following done when a vulnerable item is identified:

WHEN a vulnerability is identified 

THEN automatically assign the vulnerability remediation task to the support group that is responsible for supporting the business service associated with vulnerable CIs. 

So I basically need to write something that would go ahead and look for the support group that supports the business service that is associated with the CI. 

Hope I have been able to put it down here in plain english. 

Would appreciate the support. 

1 ACCEPTED SOLUTION

No. There wont be any such scripts. You will need to write it on your own. Because it all depends on how your CMDB relationships are created.

You need to query the cmdb_rel_ci table and find out the corresponding Application and then from Application find out the corresponding Business Service.

 

For ex

answer = '';

//Query the Application

var rel1 = new GlideRecord('cmdb_rel_ci');

rel1.addQuery('child',current.cmdb_ci);

rel1.addQuery('parent.sys_class_name','cmdb_ci_appl');

rel1.query();

 

if (rel1.next())

{

//Query the Business Service

var rel1 = new GlideRecord('cmdb_rel_ci');

rel1.addQuery('child',rel1.parent);

rel1.addQuery('parent.sys_class_name','cmdb_ci_service');

rel1.query();

if (rel1.next())

{

answer = rel1.parent.support_group; // assign the support group of Business service

}

}


Please mark this response as correct or helpful if it assisted you with your question.

View solution in original post

7 REPLIES 7

Hi Sanjeev,

Good morning and sorry to write my query in this post due to urgency.

 

Could you please have a look at my below requirement and suggest the solution.

I have written the query business rule but itis not working.

 

I have one requirement, could you please have a look and help me with steps and code for better understanding.

I have created one ABC group and XYZ service, now my requirement:

Condition : If any Incident gets created on XYZ service then - 

1) Anyone can create incident/change/request records using XYZ service but only record creator and member of ABC group can view the records.

2) ABC is support group of XYZ, so only members of ABC can modify and work on the records.

3) If possible even system admin can not see the records. (I unchecked the Admin Override in when created Write ACL with Type is Record)

 

My code:

(function executeRule(current, previous /*null when async*/) {
if(gs.getUser().isMemberOf('Human resource')&&(gs.getSession().isInteractive()))
{
var u = gs.getUserID();
current.addQuery('business_service', 'HR').addOrCondition('opened_by','u');


//.addOrCondition(gs.getUser().isMemberOf('Human resource'));
//.addOrCondition('business_service','==','4e4aabd0db033340d68c5c00cf961995'); 

}
})(current, previous);

 

Also for 2nd and 3rd requirement , I have created write ACL as shown below but this is not working as well.

Type : Record , Admin Override box: Not checked, Condition: Business Service IS HR (When the service is HR then only this ACL should get applied)

Code: 

answer=false;
if(gs.getUser().isMemberOf('Human resource'))
{
answer=true;
}

andy_ojha
ServiceNow Employee
ServiceNow Employee

Hey there - Welcome to the SecOps Community.

Looks like you've gathered some replies here with sample scripts to build from that could be employed in a VR Assignment Rule, based on your posted question.

You'll want to consider the scenario of a CI being associated to multiple Business Service(s) - i.e. which one wins, and should be used for assignment?

Probably want to review this w/ your customer, to determine if their CMDB data has an appropriate attribute on the CI itself -> such as [CI.Support group], that can be leveraged for assignment of the "vulnerability remediation task".

Thanks for your point on a CI having one-to-many relationship, this is definitely a point in consideration.