Regarding the CI placeholder record created during vulnerability data ingestion.

Ohki_Yamamoto
Tera Guru

After capturing vulnerability data, if the CI look up does not match the CI, a placeholder record is recognized to be created in cmdb_ci_unclassed_hardware.

 

Reference: https://www.servicenow.com/docs/bundle/xanadu-security-management/page/product/vulnerability-respons... hardware.html

 

Then, when the next round of vulnerability data capture is performed, will the CI look up match the CI created in cmdb_ci_unclassed_hardware and will a vulnerability match item be created?

Or are no vulnerability matching items created?

 

There is a property “sn_sec_cmn.ignoreCIClass” to ignore CI classes, but there is no table setting for the property in OOTB.
There is a similar property “sn_sec_cmn.ignoreCIClassForService”, which has a table set for cmdb_ci_unclassed_hardware.

Since there are no Docs that clearly describe the usage of “sn_sec_cmn.ignoreCIClassForService”, we would like to confirm the specification of this property.

Are tables set in “sn_sec_cmn.ignoreCIClassForService” excluded from CI look up when capturing vulnerability information?

 

Reference: https://www.servicenow.com/docs/bundle/vancouver-security-management/page/product/security-operation... classes.html

0 REPLIES 0