Behavior of 'Auto-close VI on Retired CI' within VR module

sarahjantz · ‎07-08-2022

We enabled the 'Auto-close VI's on Retired CIs' option with the Vulnerability Response module. We then marked a CI as "retired". Both status and operational status fields for this CI were set to "retired". However, we are not seeing the existing open Vulnerable Items related to the CI change to "closed-retired".

How does this setting work? Does it only apply to new VIs created AFTER the setting is enabled?

Yasser Chahine · ‎04-22-2024

Hello Karthick,

the Life Cycle Stage and Life Cycle Status fields represent the the CSDM life-cycle states that can be mapped from the different CMDB state field (Install Status, Operational Status, etc.)

in order to get those populated, you'll need to configure Life Cycle Mapping records to populate the value of the above mentioned CSDM Life Cycle Stage and Status.

You can find here more details around the CSDM Life Cycle mapping: https://docs.servicenow.com/bundle/washingtondc-servicenow-platform/page/product/configuration-manag...

and more examples can be found on Now Create: https://nowlearning.servicenow.com/nowcreate/en/pages/assets?id=nc_asset&nc_ai_search=true&sys_id=fb...

Best Regards,

Yasser

hardik341 · ‎06-12-2025

Hi @sarahjantz ,

I have checked the scheduled job - "Close detections/VIs for decommissioned CIs" and there is some is one issue in the code in the script include being called "Close detections/VIs for decommissioned CIs".

In the function :

_processManifest: function() {

var startTimer = new GlideDateTime();

gs.info("Scheduled Job for Closed-CI decommissioned Vulnerable Items started : " + startTimer.getDisplayValue());

var rowCount = 0;

var ciDi = new GlideRecord('sn_vul_ci_di_manifest');

ciDi.query();

while (ciDi.next()) {

if (!gs.nil(di)) {

var di = ciDi.getValue("discovered_item");

var detGr = new GlideRecord("sn_vul_detection");

detGr.addQuery("src_ci", di);

detGr.addQuery("status", "0");

detGr.setValue("status", StateUtils.DETECTION_STATES.CI_DECOMMISSIONED);

detGr.updateMultiple();

var vi = new GlideRecord("sn_vul_vulnerable_item");

vi.addQuery("src_ci", di);

vi.addEncodedQuery("state!=3");

vi.query();

while (vi.next()) {

vi.setValue("state", StateUtils.STATES.CLOSED);

vi.setValue("substate", StateUtils.SUB_STATES.CI_DECOMMISSIONED);

vi.setValue("close_notes", gs.getMessage("This vulnerable item has been transitioned to 'CI Decommissioned', because the associated CI was moved to Retired state."));

vi.update();

rowCount++;

}

//remove the manifest entry after processing

ciDi.deleteRecord();

}

var endTimer = new GlideDateTime();

var duration = GlideDateTime.subtract(startTimer, endTimer);

var completedMessage = "Scheduled Job for Closed-CI decommissioned Vulnerable Items Finished : " + endTimer.getDisplayValue() + " VITs processed: " + rowCount + ". Duration: " + duration.getDisplayValue();

gs.info(completedMessage);

},

In the line "f (!gs.nil(di)) {" we are checking di before it is initialized which is causing the issue.

Please update the code as given below and it will work fine.