Empty Remediation Tasks closing after upgrade - not desired behavior

Aaron Molenaar
Mega Guru

‎11-20-2023 09:51 AM

Hi all,

 

We are upgrading to VR v20.0.2 (Nov 2, 23) from v18.2.4 (May 4, 23). After upgrading in a lower environment, Remediation Tasks that intentionally had no Vulnerable Items were closed with the message:

    "Closed by VR System. Updated remediation task to Closed as vulnerable items are no longer associated."

 
The Remediation Tasks that were closed were in various states from Open to Resolved. They were all manually created tasks with no VI (none available or not applicable) but with resolution direction directly in the task, or in an attached file. We do not want the system closing these as they are valid tasks we send out to effect remediation work on ad hoc issues.
 
I have attempted to find where this code/action is coming from but with no luck. Can anyone point me to the specific script include, job, etc. that is making this happen? Not beyond believing that we had previously customized this behavior out and continually reverting towards out-of-box on on upgrades brought it back (timing of the closures supports this based the install being several days before work to revert skipped changes; reversion actions coincide to when the tasks closed). But I can not find where any of the changes and reversions would trigger this behavior.
 
Any insight to where the logic that does this is would be greatly appreciated.
 
Thanks,
Aaron
0 Helpfuls
  • 589 Views
2 REPLIES 2

andy_ojha
ServiceNow Employee
ServiceNow Employee

‎11-20-2023 10:37 AM

Hey there,

This one is a bit buried and not that trivia to dissect.

It appears to start with a Scheduled Job which makes a bunch of other calls to different Script Includes, with what appears to be the Method named "closeGroupWithNoItems" being your culprit here (in Script Include = VulnerabilityGroup)...

Chain of triggers and calls:

Scheduled Job = Rollup VI values to vulnerability, Remediation Task (RT), and VI count on RT
    -> Script Include = RollupCalculatorUtil
         >Method = handleRollupManifest
                >Method = _calculateVulnGroupRollups
                      --> Script Include = VulnerabilityGroup
                           >Method = closeGroupWithNoItems

Aaron Molenaar
Mega Guru

‎11-20-2023 11:45 AM

I believe I have a work-around through adding snippet && (group.getValue("filter_type") != "manual") as below.

 

    if (vgUtil.checkForEmptyGroup()) {
        new sn_vul.VulnerabilityUtils().resetCountsOnVG(group);
        if ((group.getValue("filter_type") != "created_by_aer") && (group.getValue("filter_type") != "manual"))
            vgUtil.closeGroupWithNoItems(true);

 

While this means that any group in which we manually added related VI (and now may not have any) will not be considered for automated closure, we have rarely if ever use this function versus hundreds of tasks intentionally created without VI but with instructions in the task itself.

0 Helpfuls