Working with retired configuration items

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:3分

    • Decommissioned configuration items (CIs) are moved to retired, archived, or deleted state in the Configuration Management Database (CMDB). Vulnerability Response contains vulnerable items (VIs) that are made up of CIs. When the state of a CI is updated to retired, the associated VIs are closed with the substate 'CI decommissioned'.

    注:
    Starting with v25.0.3 of Vulnerability Response, a new auto-close rule 'CI Decommissioned' is introduced to close the vulnerable items and detections related to decommissioned CIs.
    If the CMDB changes the life cycle stage status of a CI to retired, you can choose to automatically close the associated VIs. For more information on automatically closing the associated VIs, see Automatically close vulnerable items related to retired CIs.

    The retired CI is eventually archived or permanently deleted from the CMDB.

    Impact of retiring the CIs:
    • Impact on discovered items: When the CI is retired, the related discovered item (DI) is marked as 'CI decommissioned'.
    • Impact on vulnerable items: When the state of a DI is updated to 'CI decommissioned', the associated VI is closed and the Notes section is automatically updated.
      注:
      The state of a DI is automatically updated to 'CI decommissioned' whenever the life cycle state of a CI is updated. On the other hand, the state of a VI is updated to Closed only when the Auto-close VIs linked to retired CIs option is enabled. For more information on automatically closing the associated VIs, see Automatically close vulnerable items related to retired CIs.
    The scheduled job Close detections/VIs for decommissioned CIs is run daily for the updated DIs. If the auto-close configuration option is enabled for retired CIs, it identifies the DI containing a decommissioned CI, and closes the related VI with the substate 'CI decommissioned'. If all the VIs in a remediation task are closed and their substate is CI decommissioned, the remediation task is also closed with the substate 'Canceled'. To view the decommissioned VIs, navigate to Vulnerability Response > Vulnerable Items > Decommissioned.
    注:
    If a CI moves back to the original state from the 'Retired' state, the 'Discovered Items' entry is updated as well. VIs are automatically opened when data is ingested again from the scanner.