- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
06-17-2025 02:43 AM - edited 06-17-2025 02:44 AM
📖 Overview
Security Data Filters (SDFs) are integral to enforcing data access controls and compliance rules in ServiceNow. These filters define what data a user can see based on roles, conditions, or business logic.
However, as filters grow in complexity, they can lead to significant performance degradation—especially when applied to large datasets or high-traffic tables like task, incident, or cmdb_ci.
To proactively address this, ServiceNow provides a Security Data Filter Performance Analysis Tool. This diagnostic utility helps evaluate the real-world performance impact of any security data filter, enabling you to make informed decisions that balance security with system performance.
🎯 Key Use Case
Why use the Performance Analysis Tool?
If you're seeing slow page loads, sluggish list views, or delayed reporting, your security data filters might be the culprit. This tool helps identify how much a filter contributes to query slowness—before or after it goes live.
🛡️ Prerequisites
| Requirement | Details |
|---|---|
| 🔐 Role Required | security_admin |
| ⚙️ System Property | Must enable: glide.security.data_filter.diagnostic_enabled = true |
📌 To verify or enable the property:
-
Go to sys_properties.list
-
Search for
glide.security.data_filter.diagnostic_enabled -
If it does not exist, [Add a new system property]
🧭 Step-by-Step: Run a Security Filter Performance Analysis
Step 1: Navigate to the Data Filter
📍 Go to:
All > System Security > Security Data Filters
🔍 Select the filter you want to analyze.
✅ Tip: Target filters applied to heavily used tables or those recently modified.
Step 2: Start Performance Analysis
Under Related Links, click:
🔍 Analyze Performance
Step 3: Fill Out the Analyze Form
You'll see a form similar to this:
| Field | Description |
|---|---|
| 🔘 Data Filter | Auto-filled with the selected filter |
| 📄 Related Active Filters | See how many other filters are affecting the table |
| 📊 Table | Choose the table (e.g., incident) |
| 🔍 Encoded Query (Optional) | Use actual filter logic from a list/report view |
| 🔁 Query Runs | Enter between 10–100 for reliable metrics (recommended: 30–50) |
🧠 Encoded Query Example:
priority=1^state!=6(to simulate active high-priority incidents)
Step 4: Run the Analysis
Click Analyze Query Performance
⏳ The system runs the query multiple times, with and without the selected filter, then summarizes the results.
📈 Understanding the Results
Once analysis is complete, scroll to the Performance Summary section. You’ll see key metrics like:
-
🔺 Max / Min / Median / Mean query execution times
-
📉 Comparative performance with vs. without filter
-
🔦 Performance Impact Indicator (Low, Medium, Critical)
💡 Example Output:
| Metric | Without Filter | With Filter | Change |
|---|---|---|---|
| Median | 42 ms | 58 ms | +38% |
| Mean | 45 ms | 62 ms | +37% |
| Max | 85 ms | 121 ms | +42% |
🚦 Performance Impact Levels
| Indicator | Message | Explanation |
|---|---|---|
| 🟢 Low | Filter has no impact | 0% change in median execution time |
| 🟠 Medium | Noticeable slowdown | 0–100% increase in median time |
| 🔴 Critical | Major performance hit | >100% increase in median execution time |
📌 Critical filters should be redesigned or used conditionally.
E.g., try limiting scope, using indexed fields, or restructuring conditions.
🛠️ Pro Tips for Optimization
| Action | Benefit |
|---|---|
| ✅ Use indexed fields in filter conditions | Faster evaluations |
✅ Limit use of OR conditions |
Reduces processing complexity |
| ✅ Use dot-walking sparingly | Can lead to costly joins |
| ✅ Evaluate filters on report-heavy tables | Prevents UI slowness for end users |
📌 Common Scenarios Where This Tool Helps
-
✅ Before deploying a new security rule
-
✅ When end users report slow list loads
-
✅ During performance audits or major upgrades
-
✅ To justify filter redesign with data
📚 Additional Resources
✅ Summary
The Security Data Filter Performance Analysis Tool empowers ServiceNow platform admins to:
-
Diagnose real-time performance impact of access controls
-
Make data-informed decisions when building filters
-
Improve platform speed and responsiveness
-
Maintain compliance without sacrificing performance.
- 803 Views
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Thanks for sharing this comprehensive guide @Vaishnavi Lathk ! The clear steps, impact indicators, and optimization tips make it an invaluable reference for improving SDF performance.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Thanks for sharing the useful ticks as it helps to reduce system loading problem . I have question on this .. is this property is active in current Yokohama release or it can work in previous release also .
