Data transformation for the patch orchestration integration with HCL BigFix
Summarize
Summary of Data Transformation for the Patch Orchestration Integration with HCL BigFix
This document outlines the data transformation process for integrating HCL BigFix with ServiceNow's Vulnerability Response patch orchestration. It details how data from various sources, including computer assets and fixlets, is imported and transformed within the ServiceNow AI Platform.
Show less
Key Features
- BigFix Collection Import: Data from computers and computer groups is imported into the BigFix Collection Import table using the BigFix Computer and Computer Groups Import transform map. Modifications to this map affect data processing.
- BigFix Fixlet Import: Fixlet data is imported into the BigFix Fixlet Import table. The associated transform map is crucial for accurate data handling.
- BigFix Device Fixlet Import: Relevant fixlet data related to devices is loaded into the BigFix Device Fixlet Import table, utilizing the appropriate transform map.
- BigFix Actions Import: Action data is imported into the BigFix Actions Import table, with transformation managed by the corresponding import transform map.
Key Outcomes
By leveraging these import and transformation processes, ServiceNow customers can:
- Effectively manage and respond to vulnerabilities in their IT environment by integrating data from HCL BigFix.
- Maintain accurate and up-to-date Configuration Items (CIs) through automated data processing and transformation scripts.
- Ensure comprehensive visibility into the status of patches and actions across their systems.
All transformation scripts are marked for internal use and should remain unaltered to ensure functionality and integrity of the integration.
Data is retrieved from the Vulnerability Response patch orchestration with HCL BigFix integration, processed through a set of data sources, and transformed in your ServiceNow AI Platform® instance.
BigFix Collection import
| Script | Description |
|---|---|
| OnStart (when an import set has created transformation). | Script used to initialize the values in the scope variable [sn_vul_bigfix] for the integration process. This script is for internal use and should not be modified or deleted. |
| onBefore (before an import set has completed transformation). | Script used to create and update CIs based on CI Lookup Rules and collections as well as relation between them. Based on the results, this script modifies the values in the scope variable [sn_vul_bigfix]. This script is for internal use and should not be modified or deleted. |
| onComplete (when an import set has completed transformation). | Script that is used to set the number of CIs created, updated, and ignored. This script is for internal use and should not be modified or deleted. |
BigFix Fixlet import
The data from the imported fixlets are loaded into BigFix Fixlet Import [sn_vul_bigfix_patch_update_import] table.
BigFix Fixlet Import TM is used to transform the imported information.
To access this transform map, navigate to and locate the BigFix Fixlet Import TM.
The following table lists the transform map fields by integration.
| Source field | Target field | Description |
|---|---|---|
| u_id | article_id | Unique Id of a fixlet in a site. |
| u_id | source_id | Unique Id of a fixlet in a site. |
| U_site_name | Sn_vul_bigfix_site_name | Site name in BigFix where the Fixlet relies. |
| U_display_name | Title | Title of the Fixlet. |
| [Script] | Bulletin_id | Source id of the solution. |
| [Script] | Sn_vul_solution | Solution based on the source id. |
| U_source | bulletin_source | Source vendor of the solution. |
| [Script] | Date_release | Release date of the fixlet. |
| U_category | Update_category | Category of the fixlet. |
| [Script] | Is_highest_supersedence | Boolean for if the fixlet is highest supersedence or not. |
| [Script] | Is_downloaded | Boolean of if the fixlet is downloaded or not. |
| [Script] | Integration_instance | Name of the instance from which the fixlet is imported. |
| U_source_severity | Source_severity | Severity of the fixlet. |
| U_applicable_count | Num_total | Total number of devices with missing fixlets. |
| [Script] | Last_modified | Last modified date of fixlet. |
| Script | Description |
|---|---|
| OnStart (when an import set has created transformation). | Script that is used to initialize the values in the scope variable [sn_vul_bigfix] for the integration process. This script is for internal use and should not be modified or deleted. |
| onBefore (before an import set has completed transformation). | The script that is used to update the values in the scope variable [sn_vul_bigfix]. This script is for internal use and should not be modified or deleted. |
| onComplete (when an import set has completed transformation). | Script that is used to set the number of fixlets created, updated, and ignored. This script is for internal use and should not be modified or deleted. |
BigFix Device Fixlet Import
The data from the imported relevent fixlets on computers are loaded into the BigFix Device Fixlet Import [sn_vul_bigfix_device_patch_import] table.
BigFix Device Fixlet TM is used to transform the imported information.
To access this transform map, navigate to and locate the BigFix Device Fixlet TM.
The following table lists the transform map fields by integration.
| Script | Description |
|---|---|
| OnStart (when an import set has created transformation). | Script that is used to initialize the values in the scope variable [sn_vul_bigfix] for the integration process. This script is for internal use and should not be modified or deleted. |
| onBefore (before an import set has completed transformation). | Script that is used to Create and Update CIs based on CI Lookup Rules and collections as well as relation between them. Based on the results, this script modifies the values in the scope variable [sn_vul_bigfix]. This script is for internal use and should not be modified or deleted. |
| onComplete (when an import set has completed transformation). | Script that is used to set the number of CIs created, updated, and ignored. This script is for internal use and should not be modified or deleted. |
BigFix Actions Import
The data from the imported actions are loaded into the BigFix Actions Import [sn_vul_bigfix_deployment_import] table.
The BigFix Actions Import TM is used to transform the imported information.
To access this transform map, navigate to and locate the BigFix Fixlet Import TM.
The following table lists the transform map fields by integration.
| Source field | Target field | Description |
|---|---|---|
| u_id | source_id | Unique Id of an action. |
| U_name | name | Name of the action |
| [Script] | Sn_vul_bigfix_discovered_item | Reference of the discovered item on which the patch is deployed |
| U_status | status | Status of the action |
| [Script] | Sn_vul_patch_orch_update | Reference of the patch |
| U_apply_count | Count_success | Success count of action. |
| U_retry_count | retry | Retry count of the action. |
| [Script] | Deployment_time | Start time of the action. |
| [Script] | deadline | End time of the action. |
| [Script] | Source_created | Creation time of the action. |
| [Script] | Integration_instance | Name of the instance from which the action is imported. |
| Script | Description |
|---|---|
| OnStart (when an import set has created transformation). | Script that is used to initialize the values in the scope variable [sn_vul_bigfix] for the integration process. This script is for internal use and should not be modified or deleted. |
| onBefore (before an import set has completed transformation). | The script that is used to update the values in the scope variable [sn_vul_bigfix]. This script is for internal use and should not be modified or deleted. |
| onComplete (when an import set has completed transformation). | Script that is used to set the number of actions created, updated, and ignored. This script is for internal use and should not be modified or deleted. |