Discovered Items - remove Unmatched CI and Vulnerable Items consequences?

Go to solution
Lukasz Bojara
Kilo Sage

‎10-10-2019 05:37 AM

Hi,

 

The ACL for delete operation on Discovered Item is set to nobody. What is the reason behind it?

 

If connected Unmatched CI and Vulnerable Item will be removed and Discovered Item will be left, will it cause problems in the system?

 

Question is raised because I need to clean the Unmatched CIs, those are CIs that can not be reclassified as they do not exist in CMDB.

 

Best regards,

Łukasz

  • 2,590 Views
1 ACCEPTED SOLUTION

Go to solution
Chris McDevitt
ServiceNow Employee
ServiceNow Employee

‎10-10-2019 08:50 AM

Łukasz,
Think of the Discovered Items module as a logfile of how the CI Matching Rules handled the incoming hosts. There is no reason to "clean up" this module. When you see an ACL set to "nobody," that is a good indication that the developer did not intend users to change this.

On the surface, it does not appear as if deleting these records will impact Vulnerability Response (do a code search to see what items reference 'sn_sec_cmn_src_ci'). If you remove those items, they will just be recreated during the next import cycle.

Why do you need to delete these items?

 

Go ahead and mark this as helpful or Correct! 

View solution in original post

4 REPLIES 4

Go to solution
Satyaki Bose1
ServiceNow Employee
ServiceNow Employee

‎10-10-2019 08:24 AM

Hi Łukasz,

Did you check this - Create CMDB remediation rule

Best regards,
Satyaki Bose
Technical Support Engineer - User Experience
servicenow | Works for you™

Go to solution
Lukasz Bojara
Kilo Sage
In response to Satyaki Bose1

‎10-10-2019 10:05 AM

Hi Satyaki,

 

Thank you for your reply, it has given me some ideas for the future.

 

Best regards,
Łukasz

0 Helpfuls

Go to solution
Chris McDevitt
ServiceNow Employee
ServiceNow Employee

‎10-10-2019 08:50 AM

Łukasz,
Think of the Discovered Items module as a logfile of how the CI Matching Rules handled the incoming hosts. There is no reason to "clean up" this module. When you see an ACL set to "nobody," that is a good indication that the developer did not intend users to change this.

On the surface, it does not appear as if deleting these records will impact Vulnerability Response (do a code search to see what items reference 'sn_sec_cmn_src_ci'). If you remove those items, they will just be recreated during the next import cycle.

Why do you need to delete these items?

 

Go ahead and mark this as helpful or Correct! 

Go to solution
Lukasz Bojara
Kilo Sage
In response to Chris McDevitt

‎10-10-2019 10:03 AM

Hi Chris,

Thanks for your reply. The reason why I need to delete the Unmatched CIs is that this class is not visible for people that do not have Vulnerability Response role and they will not be given (not my decision). Those people are responsible for CMDB and they do not like the fact that there is something in CMDB that they do not see. And those Unmatched CIs are something that is not there any more.
But your answer has given me a bigger picture of Vulnerability Response, thank you for this.

Best regards,
Łukasz

0 Helpfuls