Discovered Items form fields

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 4 minutes de lecture

    • Assets are automatically matched to configuration items (CIs) in the Configuration Management Database (CMDB) when they’re imported using the CI Lookup Rules. Records for unmatched CIs are automatically created during third-party vulnerability integration imports and included in Discovered Items. However, for cloud assets that aren’t present in CMDB Cl, the record is created in the cloud resource class.

    Discovered Items fields

    The information in these records is ingested from the third-party records and classified during import.

    These fields are found on records listed in the Discovered Items [sn_sec_cmn_src_ci] table.

    To view imported data in the fields listed in the following tables, you must have, at a minimum, the sn_vul.read_all role.

    Field Description
    Number Identifier assigned to the record.
    Configuration Item Configuration item that is imported from the third-party source integration.

    Starting from v12.0, Configuration Item is the latest CI from the list of CIs after filtering the decommissioned ones.
    Class Class assigned to the CI during import by Vulnerability Response.
    Source Source that is imported from the third-party source integration.
    CI matching rule The CI matching rule that was used to create the item.
    V18.0: Matching type for the DI Matching type used to create the discovered item. Options are:
    • Created by VR
    • Created by IRE
    • Matched by CI lookup
    • Matched by IRE
    • Matched manually (Starting with v24.0.6 of Vulnerability Response, you can view this additional option. This option is set automatically if you manually update a CI on the Discovered Item form.)
    This information is only available for data that is populated for Vulnerability Response v18.0 and later. On existing data, this column doesn’t contain any value.
    Remarque :
    If you reapply the CI lookup rules, some CIs on DIs might be updated, resulting in this column being populated.
    Other matched CIs List of the other configuration items matching the CI lookup rule.
    State State of the CI that is determined during import. Choices are:
    • Matched: A matching configuration item was found in the CMDB.
    • Unmatched: No match was found in the CMDB. A placeholder record is created.
    Created Date when the Discovered Item record was created.
    Updated Date when the Discovered Item record was updated.
    Updated by User who updated the data.
    Host tag Host tags assigned to this discovered item during import. You can have up to 31 host tags per discovered item.
    Fully qualified domain name Data associated with this CI found in the CMDB.
    MAC Address Data associated with this CI found in the CMDB.
    Operating System Operating system associated with this CI.
    NetBIOS NetBIOS imported from the third-party source integration.
    IP address Data associated with this CI found in the CMDB.
    Source data Latest data associated with this CI from the source.
    V16: Initial source data Initial data associated with this CI from the source.
    V16: Reevaluate CI Receives data from the scanner. If there’s updated data, the value is set to true.
    Remarque :
    The source data values are recalculated according to the latest source data. When updated data is retrieved from the scanner, the source data is updated. The existing source data value is moved to the initial source data field. To reevaluate the discovered items, activate the Re-apply CI Lookup Rules on the Changed Discovered items scheduled job.
    Agent exists Indicates true if the agent is installed on the asset. If the hostUID and UUID values in the Source data column are empty, this value populates as true.
    Remarque :
    This field appears starting from v19.0 of Vulnerability Response.
    Starting with v23.0 of Vulnerability Response, the Test Result Compliance % (CI) column shows the percentage of test results that are compliant for the corresponding CI. To obtain this value, you must set the calcTRComplianceForCI to true in the Update remediation metrics scheduled job.
    Remarque :
    The Test Result Compliance % (CI) value populates only for the Discovered Items which have a non-empty value in either the Last Configuration Compliance scan date or Non-infra last compliance scan date columns.
    Starting with version 18.0 of Vulnerability Response, Qualys, Tenable for Vulnerability Response and Rapid7 scanners can receive the following additional metadata for cloud assets.
    Field Description
    Cloud service provider Name of the cloud service provider that offers cloud computing services. For example, Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).
    Cloud region Location where the resource has been hosted.
    Cloud account Account provided by cloud service providers such as AWS, GCP, and so on to access cloud computing services.
    Cloud resource type Types of assets present in the cloud such as Amazon Elastic Compute Cloud (EC2) machine, AWS S3 buckets and so on.
    Resource ID Unique identifier that is assigned to a resource in a cloud computing environment. This ID is used to identify and manage the resource.
    Resource name User-defined name used to identify and manage a resource in a cloud computing environment.
    Image Virtual machine image or a server image, is a pre-configured virtual machine that contains an operating system, applications, and other software. For example, Amazon Machine Image.

    A new CI Lookup Rule, ‘Cloud Resource ID’, has been introduced to match the cloud CIs based on the cloud metadata.