Remediation target rule fields
Use remediation target rules to define how remediation timelines are calculated and maintained for findings. Administrators can configure base target dates and recalculation behavior when risk ratings change. The following table describes all fields available in the remediation target rule form.
| Field | Description |
|---|---|
| Name | Name of the rule. |
| Target (days) | Number of days within which the vulnerable items should be remediated, since last opened. |
| V17.1: Target from (date) | Date from when the target SLAs are computed. You can specify only the date or the date and time type fields. Default value is Last opened date. To customize the values for this field, see KB1642413. |
| Active | Option to mark the remediation target rule as active. If this check box is cleared, this rule doesn’t apply to new vulnerable items created in the system. |
| Notify (days before due) | Number of days prior to the targeted remediation time for a notification to be sent. The notification date calculated using this value is used to show the remediation status and color coding. If the date is before the
notification date, the remediation status is “In flight.” If it’s past the notification date and before the remediation target date, the status is shown as approaching target. Remarque : If this field is set to 0, only a
Target Missed notification is sent. |
| Description | Text describing the remediation target rule. |
| Condition | Using the condition filter, select the criteria for applying the rule to the vulnerable items. To prevent performance impact, test your conditions at full production scale. Testing enables you to determine how long the
Evaluate remediation targets job takes to execute, given the conditions and the size of your Configuration Management Database (CMDB). Case sensitivity for the search text you enter in the condition builder isn’t supported on this record or form. |
| Recalculate target date | |
| Recalculation method | Method for recalculating the remediation target (RT) date when a vulnerable item’s risk rating changes. You can choose to retain the existing target date, reset it based on the latest risk change date, or reset it to the
earliest applicable date. By default, recalculation applies only to items that aren’t overdue at the time of the risk rating change. To include overdue findings in the recalculation, enable the
sn_sec_cmn.evaluate_targetmissed_records property. For more information, see Recalculate a remediation target date. |
| Notifications Remarque : The count shown in the notification email doesn’t include vulnerable items in the Deferred, Resolved, or Closed
state. |
|
| Users | The people to notify when the selected vulnerable item is approaching or passes its targeted remediation target time. |
| Group | The group to notify when the selected vulnerable item is approaching or passes its targeted remediation target time. |
| Update History | |
| Unused for initial creation of a rule. Subsequently, system work notes are logged here. | |