Create, enable, or, modify Vulnerability Response auto delete rules

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 3 minutes de lecture

    • You can create, enable, or, modify the delete vulnerability item (VI) and remediation task (RT) delete rules. Use auto delete to remove older records from the VI and RT tables.

    Avant de commencer

    Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    Starting with v30.0 of Vulnerability Response, the Administration console in the Security Exposure Management Workspace enables one-stop configuration for all Unified Security Exposure Management applications, including assignment rules, classification rules, and remediation targets. It provides consistent workflows across Vulnerability ResponseApplication Vulnerability ResponseContainer Vulnerability Response, and Configuration Compliance applications. For more information, see Configure rules to manage findings.

    Roles required:
    • admin: modify the auto delete rules
    • sn_vul.vulnerability_admin or sn_vul.admin (deprecated): view the auto-delete module

    Pourquoi et quand exécuter cette tâche

    Over time, a large amount of closed records are likely to accumulate in the VI and VUL tables in your instance. Many of these records may have been closed for more than 365 days but have not been removed. Use auto delete rules to remove many of these older, closed records. Removing these records not only significantly reduces the number of records in the VI and VUL tables, deleting them also helps you maintain high performance.

    Although auto delete targets records by default that have been closed for 365 days, the very first run may attempt to purge too many records in a single transaction. Depending on the size of your environment, you may prefer to stagger the deletion process to limit the scope of the query. For example, you might start your first run for closed records that are older than 450 days. After that run is completed, you might work your way down by smaller increments (425, 400, 375) until you have reduced the number of records that are older than 365 days.

    There are two rules supplied with your ServiceNow AI Platform® that automatically delete closed records that meet specified conditions along with any records that refer to them. One rule deletes vulnerable items, and the other rule deletes remediation tasks. By default, these auto delete rules are disabled so that you are required to activate them manually prior to deleting any records. You can choose the two pre-configured rules that are provided with your instance, or, you can create your own.

    Procédure

    1. Navigate to All > Vulnerability Response > Administration > Auto-Delete Rules.
      The list view is displayed.
      Auto delete module with the list view displayed.
    2. To edit, select the delete rule for vulnerable items (sn_vul_vulnerable_item) or the rule for remediation tasks (sn_vul_vulnerability).
    3. To create a new rule, click New.
    4. Fill in or edit the fields on the form, as appropriate.
      Field Description
      Application Name of the application in which records are being deleted. The default value is Vulnerability Response.
      Tablename Name of the table for which the rule is being applied.
      Matchfield Field for which the system monitors the duration.
      Active Option for activating the rule. Once activated, the record can be deleted.
      Cascade delete Option to delete all matching records, plus any records referring to them. If this option is not selected, only matching records are deleted, but not the records that refer to them.
      Age in seconds Age of the vulnerability record to be deleted. For both VI and RT rules, the age is 365 days. This age is displayed in seconds.
      Conditions Filter conditions defining the records in the VI and RT (VUL) tables to which the rules apply.
    5. Select the Active check box to activate a rule.
      Form completed with the Active check box highlighted but not selected.
      Once the rule is activated, the hourly platform function, Auto flush, deletes those records from the table for which the rule is activated.

      If your environment has millions, or tens of millions, of records that match your delete criteria, you may want to consult with ServiceNow customer support prior to enabling the auto delete rules to help you delete records using a phased process.