Qualys passing ephemeral data through Resource ID field

Hey everyone,

I hope you're well.

I'm reasonably new to the Security Operations side of ServiceNow so apologies if some of these questions seem reasonably straight forward.

I've been working with our IT Security team to improve the VR experience in ServiceNow and one of the issue we have going on at the moment is that we're being passed data from Qualys which doesn't match anything in our CMDB, likely because it's an ephemeral resource being spun up specifically for a short term use case and then spun back down. These are showing in the Discovered Items module with all of the source data but the Resource ID field is populating with a generated string, resembling "i-1234567890abcdef" which doesn't match anything in our CMDB. We're getting many of these which I assume are for the same resource because the tags populating the Resource Tag fields are identical between these scanned items but their IDs are different.

Unfortunately I don't have permissions to our Qualys or AWS environments, so my investigations are limited. Image from SDI record shown for reference, but many details redacted. Source data, Resource Tag, and Image all have valid data.

Does anyone have any suggestions or has this been seen before? Welcoming any guidance, advice, or suggestions, even if there are articles or training modules which will help.

Thanks in advance!