Empty Remediation Tasks closing after upgrade - not desired behavior
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2023 09:51 AM
Hi all,
We are upgrading to VR v20.0.2 (Nov 2, 23) from v18.2.4 (May 4, 23). After upgrading in a lower environment, Remediation Tasks that intentionally had no Vulnerable Items were closed with the message:
"Closed by VR System. Updated remediation task to Closed as vulnerable items are no longer associated."

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2023 10:37 AM
Hey there,
This one is a bit buried and not that trivia to dissect.
It appears to start with a Scheduled Job which makes a bunch of other calls to different Script Includes, with what appears to be the Method named "closeGroupWithNoItems" being your culprit here (in Script Include = VulnerabilityGroup)...
Chain of triggers and calls:
Scheduled Job = Rollup VI values to vulnerability, Remediation Task (RT), and VI count on RT
-> Script Include = RollupCalculatorUtil
>Method = handleRollupManifest
>Method = _calculateVulnGroupRollups
--> Script Include = VulnerabilityGroup
>Method = closeGroupWithNoItems
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2023 11:45 AM
I believe I have a work-around through adding snippet && (group.getValue("filter_type") != "manual") as below.
if (vgUtil.checkForEmptyGroup()) {
new sn_vul.VulnerabilityUtils().resetCountsOnVG(group);
if ((group.getValue("filter_type") != "created_by_aer") && (group.getValue("filter_type") != "manual"))
vgUtil.closeGroupWithNoItems(true);
While this means that any group in which we manually added related VI (and now may not have any) will not be considered for automated closure, we have rarely if ever use this function versus hundreds of tasks intentionally created without VI but with instructions in the task itself.