How is Rollup Calculator applied to a Vulnerability Group

Go to solution
Jazz1
Kilo Contributor

‎01-29-2019 12:44 PM

Hi,

    I need to understand how the process behind rollup calculators works. I do know it uses a weighted average of scores but what I need to know is how do you apply a calculator to a vuln group or groups. Unlike vulnerability calculators where there is something called "Calculate Business Impact" I don't see anything similar for Rollup Calcs. 

Another question is I have two Rollup calculators defined in my Developer Instance, one that came with the base system and the other was a custom calculator I created. Now that there are two calculators, I presume the system will apply both the calculators to whatever vuln groups you want. How would you keep inactivate one and keep the other active? 

I did see a background job called Rollup Vulnerability Score which upon execution does not return anything. Where would I find the logs for this job in particular? 

Thanks

Jazz

Labels:
0 Helpfuls
  • 2,618 Views
1 ACCEPTED SOLUTION

Go to solution
Sandeep Kumar6
Giga Guru

‎03-14-2019 05:36 AM

Hi Jazz,

Vulnerability Calculator Group:   

  1. Risk Score
  2. Vulnerability Impact

The vulnerability rollup calculator is a background script, that performs its calculations based on the weighting assigned to different values. The calculator takes all the risk scores of the vulnerable items in a vulnerable group and bases its calculations on the following fields:

  • Maximum risk score
  • Average risk score
  • Count of vulnerable items

 

find_real_file.png

 

Vulnerability calculator groups automate calculations on multiple vulnerable items. Calculations are performed on risk scores, priorities, and assignment groups using one or more fields from the vulnerable item table. The condition for each calculator is evaluated in order, and the first matching calculator is used.

All enabled vulnerability calculators in the Vulnerability Calculator Group run each time a vulnerable item is changed or when the Calculate Business Impact related link in a vulnerable item is used. 

Business rule which are running to calculate Risk Score.

  • Update SI risk score

For reference :

https://community.servicenow.com/community?id=community_question&sys_id=1c08f3aedb8f2700f0612183ca961919

To calculate Risk score for Security Incident 

https://community.servicenow.com/community?id=community_question&sys_id=e2a051f1dbccf3005129a851ca9619ca

 

Please hit correct if this helped you.

Regards

Sandeep

View solution in original post

6 REPLIES 6

Go to solution
Nicole Allen1
Kilo Contributor

‎02-04-2019 03:56 PM

Hi Chris,

 

Once you have configured the Rollup Calculator, I understand it then assigns a risk score for each Vulnerability Group. How do you then configure a calculator to automatically define the priority rating of a Vulnerability Group based on its risk score?

 

When I try to create a new Vulnerability Calculator Group, it doesn't allow me to select the Vulnerability Group table.

 

Thanks Chris!

0 Helpfuls

Go to solution
Sandeep Kumar6
Giga Guru

‎03-14-2019 05:36 AM

Hi Jazz,

Vulnerability Calculator Group:   

  1. Risk Score
  2. Vulnerability Impact

The vulnerability rollup calculator is a background script, that performs its calculations based on the weighting assigned to different values. The calculator takes all the risk scores of the vulnerable items in a vulnerable group and bases its calculations on the following fields:

  • Maximum risk score
  • Average risk score
  • Count of vulnerable items

 

find_real_file.png

 

Vulnerability calculator groups automate calculations on multiple vulnerable items. Calculations are performed on risk scores, priorities, and assignment groups using one or more fields from the vulnerable item table. The condition for each calculator is evaluated in order, and the first matching calculator is used.

All enabled vulnerability calculators in the Vulnerability Calculator Group run each time a vulnerable item is changed or when the Calculate Business Impact related link in a vulnerable item is used. 

Business rule which are running to calculate Risk Score.

  • Update SI risk score

For reference :

https://community.servicenow.com/community?id=community_question&sys_id=1c08f3aedb8f2700f0612183ca961919

To calculate Risk score for Security Incident 

https://community.servicenow.com/community?id=community_question&sys_id=e2a051f1dbccf3005129a851ca9619ca

 

Please hit correct if this helped you.

Regards

Sandeep