True/False Custom field(s) for Vulnerability Calculator not working as expected

Patrik Z
Giga Guru

Hello Community people,

we have a bit of an issue with using a custom field for Vulnerability Calculator, specifically a true/false field. 

 

For instance, when I use an OOTB field, the Risk Rule field takes into consideration the data type like a choice field

PatrikZ_0-1693382132471.png

 

But when I tried to use the custom field that is simply a boolean type I don't get that choice and have to use a string value for evaluation

PatrikZ_1-1693382242331.png

 

The screenshots are taken from the same instance and they both use the same path to get to the specific fields, i.e.:

- CI Reference table > Related Services [sn_vul_m2m_ci_services]

- and then I use the Service reference field to get to those field

 

Is there something I'm missing? Why don't I have only the true/false choices for the custom field and how do I do that?

 

Any help would be appreciated. Thank you

2 REPLIES 2

Patrik Z
Giga Guru

It seems I was wrong. It's not about a custom field but the True/False in general. I tried to use the Active field on the Vulnerable Item itself and got the same result - I can specify only string as the field value but I'm not limited to two options

PatrikZ_0-1693464905231.png

 

So the question now is if it's something in the platform configuration (unlikely as it's the same in my PDI that is OOTB) or just that the Vulnerability Calculator doesn't support the True/False field and why?

andy_ojha
ServiceNow Employee
ServiceNow Employee

Hey there,

 

Can confirm that within the VR Calculator Risk Rule - the <boolean> type fields do not break down automatically into a simple (true/false) values, to set the Field values and Weights - as the traditional <choice> fields do.

 

That said, the functionality is still there to use the <boolean> fields as Field Values in the Risk Rules - you just need to add the string for (true) or (false) and set your weights.

 

Totally agree - its not intuitive - but have used the boolean field for CISA exists, and it does work with the Risk Rule weights and VR Calculator to set the Vulnerable Item Risk Score.

Reference

__andyb2poYQ___0-1693514679213.png

__andyb2poYQ___1-1693514688342.png