I'm looking for a method of reporting on number of SIRs impacting CIs and Affected Users in a particular business division for leadership. (i.e. HR, IT, Manufacturing, etc.) I cannot use CI and Affected User attributes because often these do not li...
I just want to update choices for "alert_sensor" field. If I see the backend name of field; I could find that it is out of the box field. But I could see that it's a text field when I check in the security incident form. But when I try to configure ...
Hello all, I have created (or modified) an inbound action that creates an SIR, then adds subject to short description and so on. Everything works as expected and my regular expressions match what I am attempting to parse, however how do I get my i...
Hello All, I was looking to test the setup of a taxii profile in my developer instance. I followed the documentation on the SN website and what I found on the related website but I receive a 406 error when trying to connect. I checked with someone wh...
According to the information provided by glennpinto's answer in this link, if there are field level ACL's defined on a table then a role having only a tableName.none ACL will not have visibility to those fields. The role would need its own ACL's on ...
when i search for splunk integration plugin in servicenow develper instance,it is not present there. I want to test splunk servicenow integration for incident creation. I have developer instance from service now,any one please help how can i install ...
Hello, In the Vulnerability Response Module, we recently added Assignment Rules. Is there a way to apply these assignment rules to vulnerability groups that were created before the rules were setup? I already wrote a script to assign vulnerable ite...
hi all, we have the email inbound action part of the security incident response application and it has this out of box condition which I am not sure of is it expecting recipients to have 'sn_si' in the email address? if that is the case, do we provis...
What role is needed to be able to delete Remediation Target Rules? I have sn_vul.admin role but I don't get the option to delete them. Is there another role specific to these rules?
Update: The video and slides are now available on this page. Hello all, I am pleased to now announce that the follow-up to the February 26 tutorial, will be published on March 27 at 10am PT. This second tutorial will pick up the step-by-step guide ...
Hello all, I have a requirement to bring in all ServiceNow Security Incident Records and any available fields that could be selected into Microsoft Power BI. This is really no different that Excel Power Query but I'm running into issues and gettin...
Hello Folks, My very first post on the platform, a fairly new person to ServiceNow; especially when it is about something that is not out-the-box. I have a request where the customer wants to have the following done when a vulnerable item is identi...
Hello everyone! I'm implementing Vulnerability Response for a client and I did the upgrade to Madrid yesterday. I'm trying to update my VIs through SAM NVD. I did import all the feeds on the NVD libraries. Nothing is created.... all the business rule...
I'm trying to figure out if I should allow xlsm files (Excel Macro Enabled Workbook) into our instance. I want to say "no" just because those files can use VB and I don't know what code people write. Does anyone know if there are security concerns w...
Hi all, Can someone please explain to me how the 'Age' field is calculated on a vulnerable item. It appears to be in 'days' before change to milliseconds. I'd like to know what is the trigger point for when it changes.
