Hi all, Does anyone know what the filter is based on for the "Asset Category" when using the Watch Topics? The entries are "Infrastructure" and "Cloud" however I'm not sure how those are setup or what the actual filters are based on. Thanks!Nate
Hi I need a assessment on incident resolution. How can i achieve this?
Hello,Splunk has created 1900 notables whereas only 950 security incidents were created in ServiceNow. What could be the reason for all the notables not getting created on SIR, is there any rate limit?
During the Qualys ingestion and CI Lookup Process if there is no matching CI in the CMDB an Unmatched CI, Unclassed hardware and Incomplete IP record is create their associated tables (sn_sec_cmn_unmatched_ci or cmdb_ci_incomplete_ip or cmdb_ci_uncla...
We're looking into moving from custom flow of ingesting Tenable.io WAS scans to the OOTB integration.For those customers who are already using the OOTB integration, what are the challenges you are facing in Tenable.io WAS? Thanks!
Hi ,In vulnerability response , we have some with vulnerable items with out any detections tagged to it and we have some vulnerable items which are not in closed state even though the detections associated with them are in stale state. Can any sugges...
Hi, If Tenable VIT is Resolved then, Can we Trigger an automated Scan? Thanks & Regards,Titiksha
We have the sn_vul.rerun_task_rules set to true but the VIT unassign action is not removing the VIT from the original Remediation Task. The VIT and VUL/RT are still linked and the assignment groups are different. The states are all OPEN. Not related ...
Hello, I need to update the push notifications that are sending when an Onboarding Journey and LE are initiated.I just need to update the push notifications to only send for some activities when launched. Also a need to deactivate push notifications ...
We are ingesting Qualys test results from multiple Qualys instance... let's refer to them as Qualys A and Qualys B. Each Qualys instance has different policies and ingesting test results from each instance results in policies being recorded in the sn...
Hi,How to change the default tab for Security Incident Response workspace?When I open a security incident from workspace, the tab defaults to 'Overview'. Instead it should be defaulted to 'Details' tab when users open the record. Please assist.
Hi all,how is the risk rating field calculated in VR? any pointers on this please provide,Thanks in advance.
I am aware of the 'Reapply Remediation Task Rule' option from a remediation task rule, however the fact that this deletes all VUL's that are open and then recreates new ones is not an ideal solution. I created a new assignment rule, and also changed ...
Hello,I'm looking for additional information about following 3 properties:1. sn_sec_cmn.filterOutDecommissionedCIMy understanding is that if we have this property enabled, ServiceNow will not mach an vulnerability to retired CI, instead it will creat...
Some of the vulnerability items in vulnerability response module of snow are not assigned to any assignment groupFor example, A configuration item has various VITs created with different QIDs, Some are assigned to respective group., some are left una...
