View and modify Scan Engine definitions

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:5分

    • You can modify an existing definition to further customize and refine its scanning criteria.

    始める前に

    Role required: Scan Engine admin (sn_se.scan_engine_admin) .

    While only Scan Engine admins can modify definitions, any user with the Scan Engine user role can view them.

    手順

    1. Navigate to ALL > Impact > Platform Health > Definitions.
    2. Select a definition number to open its details.
    3. To modify a base system definition’s properties, select Override Definition.
      When a definition is overridden, the base system definition will no longer be used in any scan (real-time, scheduled, update set, application, or on demand). All fields in the overridden definition become editable.
    4. Modify the required and optional fields.
      • Refer to Create custom Scan Engine definitions for details.
      • In addition to those fields, when viewing an existing definition, you will also see Override. To modify a base system definition, use the override field to disable it and create a new custom definition.

      The definition is overridden to create the current definition.

      This field is only visible if a base definition has been overridden using Override Definition. Deleting an overridden definition re-enables the base system definition.

      注:
      Overridden definitions are considered custom definitions. As a result, they are included in the count of 10 active custom definitions limit for Guided customers.
    5. Select Update.
      Selecting Delete will delete the override, meaning the base system definition will be used going forward.

      Related lists appear at the bottom of the definition screen.

      オプション説明
      Applicable Tables Displays all tables scanned by the definition, as well as the conditions table records must match in order to be scanned.

      To add a table to the list:

      1. Select New.
      2. In the New Applicable Table form, define the potential tables to scan:
        • Definition: The definition that applies to this record. For the table defined in this record, if the condition matches, the definition in this field will record a finding.
        • Table: Specific table that the definition runs against.
          • Configuration tables: Definitions run against tables that extend the application file (sys_metadata). Scans of these tables can be monitored in real time.
          • Non-configuration tables: Definitions run against all other tables. Scans of these tables cannot be monitored in real time and will only be seen in the results of an update set, application, or other on-demand scan.
        • Global Scope: Some global tables have a type of restricted access, called Caller Restriction. Special handling is required to access these tables from the Scan Engine scope.

          See Restricted Caller Access for more information.

        • Conditions: Defines the conditions that table records must meet in order to be scanned.
      Findings For This Definition Displays any findings, as established by the definition, found during on-demand or scheduled scans.
      Resolved Finding Histories Shows findings that were resolved for this definition.
      Scan Engine Suites Displays all suites assigned to the definition, which allows for scanning entire suites of definitions. Suites are also used in reporting within the Analytics Dashboard. For more information, see Create Scan Engine definition suites.

      To assign suites to a definition:

      1. Select Edit.
      2. In the Edit Members form, assign one or more suites to a definition:
        • Collection: List of available suites that can be assigned to a definition.
        • Scan Engine Suites List: Assigned suites for the current definition.