Microsoft Threat & Vulnerability Management (TVM) vulnerabilities filtering
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-20-2023 06:56 AM
Hello,
We would like to filter vulnerabilities incoming from the Microsoft Threat & Vulnerability Management integration. Right now, we don't see any option to limit this and we are getting all the vulnerabilities. We want to limit it only to get priorities 1 and 2.
The workaround coud be to limit it in the transformation script, but that could of course cause an issue in future while updating the plugin and is not that easy to maintain. Also, it will still pull all the data and just not process them so we will not decrease the data load.
Does anyone have any experience with this problem? Is there some option to filter it without hardcoding it?
Thank you,
Simon
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2023 12:41 AM
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1573367
Currently, you would have to maintain those customizations. You can also try creating some system property and put the condition in that.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-16-2023 01:16 AM
Our solution was to create a sys property where we state which severities we want to process. Then in the transformation script we check the sys property values with the vulnerabilities that are about to be created and stop the creation if the severity does not match.