Multiple Remediation Task Rules - Processing Priority
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-22-2022 12:55 PM
I am looking to solution an issue where RHEL doesn't name vulnerabilities based on the operating system. I was thinking I could fix it by creating a new remediation task rule that only applies to Linux operating systems via a condition. I would then group the vulnerabilities first by assignment group and then by OS and vulnerability.
My question is if there is a processing priority in place on remediation task rules? If my other rule doesn't have a condition that looks at the OS, are the VIT's going to be grouped twice? My other rule simply looks at if it's active and then groups it by assignment group and vulnerability.
- Labels:
-
Vulnerability Response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2022 03:22 PM - edited ‎10-06-2022 03:23 PM
Hi Shelby,
Yes, a VIT can be included in multiple remediation tasks where it meets the defined conditions for each Remediation Task Rule. There is no processing priority on Remediation Task Rules like there is in Assignment Rules.
I'm not sure I understand your exact requirements, but have you given Classification Rules a look? They may provide a means to solve your situation. In a nutshell, they provide a way to add two values to a vulnerability (or Discovered Item), called Classification Group and Classification.
Once you have your vulnerabilities and/or discovered items classified, you can then use those values in things like Assignment Rules or Remediation Target Rules.
- Brad