- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-13-2022 12:44 AM
Good morning,
I'm trying to figure out a scenario that involves remediation task (grouping) rules, manual splitting and updates when new VITs come in.
A remediation team member reported that he split one of his (rule-generated) remediation tasks to isolate a specific vulnerability and a couple of days later new items (not matching) were automatically added to his new remediation task.
I'm now trying to understand how the system picks a remediation task when grouping:
1) Let's assume we have a remediation task rule
2) It generates a single remediation task "TaskA" for an assignment group
3) Remediation owner splits the remediation task and generates a "TaskB" with a subset of the items from "TaskA"
4) If a new VIT comes in that matches the definition of the rule from (1), where does the new item get added and how does the system choose the right task? Let's further assume state is "Open" for both of them.
The observation we made was that in our case we think that new items were added to "TaskB" which does not necessarily make sense especially because they did not match the criteria used for the manual split.
Bonus question: where can I find the code that does grouping?
Christoph
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-18-2022 01:02 AM
Hi Christoph,
I agree to the point you mentioned. Seeing your group rule, If the assignment group and selected business application is same for both the remediation task. Servicenow can randomly pick any remediation task. Maybe picking up the recently created one.
Regards,
Deepankar Mathur

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-28-2022 02:08 AM
Hi Christoph,
Need some time to review the code that is actually doing this work and answer your question but I had found script include that is doing the work. It goes by the name "VulnerableGroupRule"
https://instance.service-now.com/sys_script_include.do?sys_id=7fe113986710030017f141119585ef0e
Regards,
Deepankar Mathur