Remediation Target Rules - how to delete?

Lord Omicron · ‎08-15-2019

What role is needed to be able to delete Remediation Target Rules? I have sn_vul.admin role but I don't get the option to delete them. Is there another role specific to these rules?

Chris McDevitt · ‎08-16-2019

That is a different question entirely!
🙂
And what is really asking is how can I remove Remediation Target Rule 'X' from all of my VITS? That is a bit more complicated. You will probably need a script for this one. So....

(You will need to test this out this script thoroughly.)

var rule_sys_id = '2664a291db896b0020949015ca961951';//Find and replace from your intance

var update = false;

var gr = new GlideRecord('sn_vul_vulnerable_item');

gr.addEncodedQuery('ttr_applied_rule='+rule_sys_id);

gr.query();

while(gr.next()){

if(update){

// +++Test in your dev instance +++

// Let the schededule job 'Evaluate remediation targets' run and see what happens

/*

gr.ttr_calculated = false;

gr.ttr_target_date = '';

gr.ttr_status = '';

gr.ttr_applied_rule = '';

gr.update();

*/

}else{

gs.info('This would update: ' + gr.number);

}

View solution in original post

Dan Daugherty · ‎08-16-2019

You beat me to it!

Lord Omicron · ‎08-16-2019

That's all well and good and I had done that already before I posted my question. The issue I was trying to resolve is that even after I made the rules inactive, the Vulnerable Items are still showing that they are past their remediation targets. That's what I'm trying to remove. Does that make more sense?

Chris McDevitt · ‎08-16-2019