Remediation target rule fields

  • Release version: Xanadu
  • Updated December 3, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Remediation Target Rule Fields

    Remediation target rules are essential for defining how timelines for remediation of findings are calculated and maintained. Administrators can set base target dates and manage recalculation when risk ratings change, ensuring effective tracking of vulnerable items within the system.

    Show full answer Show less

    Key Features

    • Name: Identifies the rule.
    • Target (days): Specifies the number of days to remediate vulnerable items since last opened.
    • Target from (date): Sets the start date for SLA calculations; defaults to the last opened date.
    • Active: Marks the rule as active or inactive for new vulnerable items.
    • Notify (days before due): Determines when notifications are sent prior to the remediation deadline, with specific statuses assigned based on timing.
    • Description: Provides details about the remediation target rule.
    • Condition: Filters criteria for applying the rule; performance testing is recommended at full production scale.
    • Recalculate target date: Selects the method for recalculating remediation target dates based on risk rating changes.
    • Notifications: Specifies users and groups to notify as deadlines approach.
    • Update History: Logs system work notes after rule creation.

    Key Outcomes

    By implementing remediation target rules, ServiceNow customers can effectively manage the remediation process, ensuring timely notifications and updates on vulnerable items. This leads to enhanced risk management and compliance by keeping all stakeholders informed and accountable.

    Use remediation target rules to define how remediation timelines are calculated and maintained for findings. Administrators can configure base target dates and recalculation behavior when risk ratings change. The following table describes all fields available in the remediation target rule form.

    Field Description
    Name Name of the rule.
    Target (days) Number of days within which the vulnerable items should be remediated, since last opened.
    V17.1: Target from (date) Date from when the target SLAs are computed. You can specify only the date or the date and time type fields. Default value is Last opened date. To customize the values for this field, see KB1642413.
    Active Option to mark the remediation target rule as active. If this check box is cleared, this rule doesn’t apply to new vulnerable items created in the system.
    Notify (days before due) Number of days prior to the targeted remediation time for a notification to be sent. The notification date calculated using this value is used to show the remediation status and color coding. If the date is before the notification date, the remediation status is “In flight.” If it’s past the notification date and before the remediation target date, the status is shown as approaching target.
    Note:
    If this field is set to 0, only a Target Missed notification is sent.
    Description Text describing the remediation target rule.
    Condition Using the condition filter, select the criteria for applying the rule to the vulnerable items. To prevent performance impact, test your conditions at full production scale. Testing enables you to determine how long the Evaluate remediation targets job takes to execute, given the conditions and the size of your Configuration Management Database (CMDB).

    Case sensitivity for the search text you enter in the condition builder isn’t supported on this record or form.
    Recalculate target date
    Recalculation method Method for recalculating the remediation target (RT) date when a vulnerable item’s risk rating changes. You can choose to retain the existing target date, reset it based on the latest risk change date, or reset it to the earliest applicable date. By default, recalculation applies only to items that aren’t overdue at the time of the risk rating change. To include overdue findings in the recalculation, enable the sn_sec_cmn.evaluate_targetmissed_records property. For more information, see Recalculate a remediation target date.
    Notifications
    Note:
    The count shown in the notification email doesn’t include vulnerable items in the Deferred, Resolved, or Closed state.
    Users The people to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Group The group to notify when the selected vulnerable item is approaching or passes its targeted remediation target time.
    Update History
    Unused for initial creation of a rule. Subsequently, system work notes are logged here.