Delete all vulnerable items and groups

Geeky · ‎05-29-2019

Hi All,

All the vulnerable items and groups have been imported when I just enabled Knowledge base even before I setup group rules and assignment rules. Now I want to delete them and rerun the import.

Is it fine to do that?

Dan Daugherty · ‎05-30-2019

The safest way is to delete your VI's and VG's so that all the business rules run and clean out the related data too.

OR

You can avoid deleting when testing your group rules by deleting any offending groups and then running this script AS A FIX SCRIPT:

//Create a fix script under the Vulnerability Scope and run this after deleting the Vulnerability Groups you no longer want

var vgr = new sn_vul.VulnerableGroupRule()

var vi = new GlideRecord('sn_vul_vulnerable_item');

//add any queries you may want

vi.setLimit(100); //placed here to prevent a possible massive update that will impact performance. Remove when 100% sure your query is correct and you're prepared to let this run for a while

vi.query();

while (vi.next()) {

vgr.groupItemByVulnGroupRule(vi);

}

Assignments happen at the group level, so you should get new assignments for the group when the new ones are created.

Hope this helps.

View solution in original post

Lord Omicron · ‎06-14-2019

Slade,

We successfully deleted all VIs and VGs but the import is not reloading the data. It's completing successfully but says nothing new to import. Is there another record set that needs to be deleted so that it knows to start over?

Thanks.

ruzbehv · ‎03-05-2020

@Lord Omicron

Most proprobly the issue is with your integration schedule configuration. There is date/time field which is populated with the last data pull information. This is there so that you don't end up importing all the data all the time. You should clear out that field and it will begin to pull all the data.

Hope it helps.

RV.