Remediation target rule with pause condition?

Go to solution
Ravish Shetty
Tera Guru

‎07-11-2018 07:13 AM

We are trying to use remediation target rules as a replacement for SLA's as we cannot use SLA's for Vulnerable item (sn_vul_vulnerable_item) records.

Unfortunately these rules do not have a pause condition out of box as of Kingston patch 6 and this has been confirmed by the SN support.

Can we have any workaround for pausing these remediation target rule calculation? Essentially our business case is to pause these calculation when a waiver request is submitted for any Vulnerability. Waiver requests have an end date. Once the date expires, these calculations are supposed to resume.

 

When we were using the SLA's, we achieved this by changing the state of a Vulnerable item to 'in review' when a Waiver is submitted. This would pause the SLA. There is a daily job which check if the Waiver request has expired and would change the state of the associated VI back to 'open' and this would resume the SLA.

 

find_real_file.png

Preview file
124 KB
Preview file
76 KB
0 Helpfuls
  • 2,419 Views
1 ACCEPTED SOLUTION

Go to solution
Chris McDevitt
ServiceNow Employee
ServiceNow Employee

‎09-09-2019 07:06 AM

All,

If you look at traditional SLAs they are orchestrated by a workflow. Remediation Targets are just that, a target, not an agreement. This target is just blindly updated by the Scheduled Job. With that said, it is very confusing for the uses to see the "targets missed".

Here is what I would do: In the "Vulnerability State Change Approval" workflow, I would set the Remediation Target date to the date set by the Deferral approval as the new "Remediation Target" date for the item in question.

 

Go ahead and smash that helpful or correct button!

-Chris

 

View solution in original post

0 Helpfuls
7 REPLIES 7

Go to solution
Dan Daugherty
ServiceNow Employee
ServiceNow Employee

‎07-11-2018 09:08 AM

Ravish,

Are you familiar with the deferral feature on the Vulnerable Item and Vulnerability Group? When you choose to defer either, you are prompted with a date picker that will allow you to choose when the item will open back up.

To do this, you can click on the Close/Defer button on the top of a Vulnerable Item. This button will be available when the Vulnerable Item is in an Open or Under Investigation state.

Preview file
29 KB

Go to solution
Ravish Shetty
Tera Guru
In response to Dan Daugherty

‎07-11-2018 09:17 AM

Yeah, we deactivated that feature because it didn't meet business expectation but i guess with remediation target rule in place its time to revisit that option.

Go to solution
Yvonne C
Kilo Expert
In response to Dan Daugherty

‎09-06-2019 10:00 AM

I noticed that once the deferral is submitted and waiting approval, the remediation target rule cannot be paused. Is there a way to pause this while waiting for approval or rejection of the deferral?

Go to solution
jing3
Mega Guru

‎09-06-2019 11:19 AM

There is no need to pulse the Remediation Target date. 

 

There is a scheduled job to calculate the Remediation target (by default it is daily). For Vulnerable items in the Deferred state, the job will clear the Remediation target date. For vulnerability group, the remediation target date will be the closest date of Remediation target of all the vulnerable items.