Remediation Target Rules - how to delete?

Lord Omicron · ‎08-15-2019

What role is needed to be able to delete Remediation Target Rules? I have sn_vul.admin role but I don't get the option to delete them. Is there another role specific to these rules?

Chris McDevitt · ‎08-16-2019

That is a different question entirely!
🙂
And what is really asking is how can I remove Remediation Target Rule 'X' from all of my VITS? That is a bit more complicated. You will probably need a script for this one. So....

(You will need to test this out this script thoroughly.)

var rule_sys_id = '2664a291db896b0020949015ca961951';//Find and replace from your intance

var update = false;

var gr = new GlideRecord('sn_vul_vulnerable_item');

gr.addEncodedQuery('ttr_applied_rule='+rule_sys_id);

gr.query();

while(gr.next()){

if(update){

// +++Test in your dev instance +++

// Let the schededule job 'Evaluate remediation targets' run and see what happens

/*

gr.ttr_calculated = false;

gr.ttr_target_date = '';

gr.ttr_status = '';

gr.ttr_applied_rule = '';

gr.update();

*/

}else{

gs.info('This would update: ' + gr.number);

}

View solution in original post

SanjivMeher · ‎08-15-2019

You may need to delete the associated vulnerable iems in sn_vul_m2m_ttr_status table before deleting the target rules

Please mark this response as correct or helpful if it assisted you with your question.

Lord Omicron · ‎08-15-2019

That does not appear to be it. I can't delete them there either.

jing3 · ‎08-16-2019

Hi Lord,

Out of box, it will require admin to do it. You will need to create ACL to grant other role access (need security admin to do that).

Chris McDevitt · ‎08-16-2019

Hi,

Do not delete the Remediation Target Rules, just mark them as inactive (active = false). The delete ACL is set to 'nobody' which means ServiceNow does not want you to delete this record.

Go ahead and smash that correct button or the at least the helpful button!