I’m working with a client that uses Rapid7 and Microsoft TVM with ServiceNow VR. A large percentage of discovered items remain unmatched, so VR creates many fallback CIs (Unclassed Hardware / Incomplete IP Identified Device).
We need clarity on what happens when a later scan can match the discovered item with the CMDB:
- If a discovered item was previously unmatched and created a fallback CI, but a later scan contains enough data, or the CMDB has since been updated, to allow a correct match, what happens to the old fallback CI?
- Does VR link the item to the correct CI and leave the fallback CI orphaned?
- Will fallback CIs be reused, reclassified, merged, or simply remain as duplicates?
We are also evaluating:
- Whether it's safe to clean up or delete fallback CIs,
- Whether suppressing fallback CI creation (to some extent) is a viable approach,
- How to correctly use the “Reapply Lookup Rules” function,
- Can IRE functionality be of any help
Before making changes, we want to understand the risks and best practices, especially in environments with high unmatched rates.
Does anyone have experience or guidance on how fallback CIs should be managed effectively?
Thanks!
