Built something you're proud of? Tell the story. A quick G2 review of App Engine or Build Agent helps other developers see what's possible on ServiceNow. Share your experience.

How to change or add condition on FQDN rule ?

kiran kumar m1
Tera Contributor

a week ago

I need to adjust the FQDN matching rule so that if the full FQDN does not match, it falls back to matching based on the hostname (without the domain).

In some cases, the FQDN received from Tenable does not include the domain, whereas the existing CI in ServiceNow does. I also want the rule to handle the reverse scenario—where the incoming FQDN lacks the domain but the CI record includes it, and still ensure proper matching.

 

Could someone guide me on where and how to modify the FQDN matching rule in ServiceNow?

0 Helpfuls
  • 338 Views
1 REPLY 1

Aaron Molenaar
Mega Guru

a week ago - last edited a week ago

We did this - at least half of your need - with a stand-alone scripted rule to match on hostname. We run this rule prior to any other matching rule.

 

Here are the rule values:

  Lookup method: Script

  Type: Custom

  Source field: HOST_NAME

  Condition: FQDN/Host name [contains] "."

 

Here's the script (credit to Chris McDevitt, whose source script I used).

 

(function process(rule, sourceValue, sourcePayload) {

  /*********************************
  * CI Lookup Rule Script
   *  Created by: Aaron Molenaar 7/8/24
   *  From: https://gist.github.com/cmcdevitt/f587fd766df71e76f025047a65b9e580 (Chris McDevitt, ServiceNow)
   *  Intention: regex a Hostname out of what appears to be FQDN or DNS name in Hostname field from Rapid7
   *
   * Available variables:
   * - sourceValue:  The value of the source field from incoming data that is used for lookup
   * - rule: Reference to the lookup rule that is being evaluated
   *
   * Return either:
   * - the sysid of the CI that was matched by the rule
   *  - null if there were no CI records that matched
   **********************************/  
   
    var sourceField = {};
    var ignore = global.SecProperty.getProperty("sn_sec_cmn.ignoreCIClass", "");
    sourceField[rule.source_field] = sourceValue;

    //Seperate Host Name from Domain Name
    var host_name = sourceValue.split('.');

    //Query CI records
    var cmdbci = new GlideRecord("cmdb_ci");
    cmdbci.addQuery("name", host_name[0]);
    if (!gs.nil(ignore))
        cmdbci.addQuery('sys_class_name', 'NOT IN', ignore);
    cmdbci.query();

    cmdbci = _queryMatch(cmdbci, rule, sourceField);

    //Match Found?
    if (cmdbci) {
        return cmdbci.getUniqueValue();
    } else if (host_name[0].includes('-')) { //split hostname further if it contains a dash
        host_name = host_name[0].split('-');

        //Query CI records
        cmdbci = new GlideRecord("cmdb_ci");
        cmdbci.addQuery("name", host_name[0]);
        if (!gs.nil(ignore))
            cmdbci.addQuery('sys_class_name', 'NOT IN', ignore);
        cmdbci.query();

        cmdbci = _queryMatch(cmdbci, rule, sourceField);

        if (cmdbci)
            return cmdbci.getUniqueValue();
    }

    //No match found
    return null;
})(rule, sourceValue, sourcePayload);

 

0 Helpfuls