Hello all, I have implemented the Splunk ES integration with SecOps to automate notable ingestion. We are polling Splunk to fetch notables every 4 minutes. I want to know when we send a poll to Splunk, how far in the past is ServiceNow trying to requ...
I am trying to filter the data that comes from Rapid7 to SN VR module based on the asset tags in Rapid7. Although SN provided a documentation on adding additional parameters (https://www.servicenow.com/docs/bundle/xanadu-security-management/page/prod...
One Application Service record was created when the scanned data was linked to ServiceNow.This was not included in the original scan data, and a new Application Service was created when Windows with dependencies was registered.If anyone knows the rea...
Hi folks,I have two questions about VR Tenable integration. The screenshot is from PDI.1. Can someone explain me the difference between Tenable.io and Tenable.sc?2. Which scheduled job should I keep active to import daily data from Tenable to SN?
Hi, If anyone is interested, you may consider voting this idea up: Word Doc or PDF for SIR Post Incident Review
Hi All,We are trying to integrate Splunk with ServiceNow using Splunk ES Integration for Security Operations plugin. Authentication is successful but the alert rules are not getting imported into ServiceNow. We tried the below troubleshooting steps y...
Hi All, We are currently in process of configuring the Vulnerability Response module on our instance. We are ingesting scan data from Qualys using and Defender using the OOB plugins. On some of our CIs we have both Qualys and Defender running, and t...
I need the value in Approval For field because i have to send notification to the assignment group for Vulnerable Item & Remediation Task requested, approved & reject for Exception request.
Hi all, I would like to enable the export feature that can be found on the SIR workspace, both via the homepage and list view, users have a 'Export' UI action (this appears to be the same functionality as right-clicking on the form header > export > ...
I am considering activating Flow Designer in our Vulnerability Response application.We have only a couple of workflows created historically. Does activating Flow Designer in VR have any adverse effects on current Workflows created? Or is there a mi...
Hi Everyone! Currently when we manually upload Vulnerabilities to create VITs users do not get notified when they are uploaded. I'm trying to figure out the best way to configure an email to be sent to notify users that they need to address this asa...
i need to create SIR Integration group so which roles are suitable for this group can you please suggest me
Hello All, We are seeing this weird behavior on ServicewNow Configuration compliance : >>where in we are using OOB API parameters. >>test results are getting created >>but the amount of failed test results generated by Qualys (weekly qualys report) ...
This is the remediation task rule that is configured in the configuration compliance remediation task rules table (sn_vulc_grouping_rule).What I want is to create remediation task based on the condition that if any of the Test Result is created with ...
Hello all, I just wanted to know if I can set new line "\n" as a delimiter for Splunk ES field mapping. If I do comma separation, the data looks quite shabby, as I'm trying to populate the description field with 8-9 fields. I tried putting "\n" in t...
