Define fields and weights for the risk rule
Customize the parameters and weights for the risk rule so that you can generate risk scores that use the test and asset data that are unique to your organization. By selecting the fields that are included in the risk rule, you can define an effective risk scoring framework.
시작하기 전에
Role required: sn_vulc.admin
프로시저
- Navigate to All > Configuration Compliance > Administration > Risk Calculators.
- Click Default Risk Calculator.
-
Select the target field as Risk Score.
The New Risk Rule button displays on the Calculator Rule table.
- Click the New Risk Rule button to navigate to the Configuration Compliance Risk Rule form.
- In the Risk Calculator Criteria section, set the weight for each criterion according to its importance in the overall risk score calculation.
- Clear the Active check box, to deactivate the rule.
- Click Add Criteria to add risk rule fields to the Risk Calculator Criteria.
-
On the form, fill in the fields.
표 1. Risk rule field form Field Description Choose reference table The table that you use to define the risk score weightage. Select from the following options:- Test Result: Add fields that are you can directly dot walk to from the Test Result (TR).
- Test Result - Configuration Item: Add dot
walkable fields that are part of the base table
extensions, such as the Hardware table.
These fields are not part of the base cmdb_ci table.
- Test Result - Test: Add dot-walkable fields that are part of the tables that extend the base table, for example, Third-party Entry. These fields are not part of the Configuration Test base table.
- Test Result Reference Table: Add fields that are a part of the Related tables (m2m) or tables that have a reference to the test result. These fields are not directly dot-walkable from the Test Result.
- Configuration Item Reference Table: Add fields that are a part of the Related tables (m2m) of cmdb_ci or tables that have a reference to cmdb_ci. These fields are not directly dot-walkable from the TR.
- Test Reference Table: Add fields that are a part of the Related tables (m2m) of sn_vulc_test or tables that have a reference to sn_vulc_test. These fields are not directly dot-walkable from the TR.
- Custom Conditions: Use this option to assign weights to the rule by evaluating the condition. For example, the Internet-facing filter determines if a configuration item (CI) is external or internal.
Field The field used for risk score calculation for this rule. Weight Weightage of this field within the risk rule. The value must be an integer from 0 through 100. Table - Test Result > Configuration Item
- Test Result > Test
- Test Result Reference Table
- Configuration Item Reference Table
- Test Reference Table
This field appears only when any of the listed options is selected from the Choose reference table field.
Aggregation Select the minimum or maximum value to be considered for calculations when field is selected from the Related tables (m2m). This field appears only when a reference table is selected from the Choose reference table field.
Define value weightage Component to assign weights to each field value. For numeric fields, define field values as a range (for example, 1–5). The value must be an integer between 0–100. This field does not appear if the Custom Conditions option is selected from the Choose reference table field.
Condition table Select a condition from the list. This field appears only when Custom conditions option is selected from the Choose reference table field.
Field name Enter a name for the risk criteria. This field appears only when Custom conditions is selected from the Choose reference table field.
Condition Preview the items in this table that match the defined conditions. This field appears only when Custom conditions is selected from the Choose reference table field.
- Click Submit.
다음에 수행할 작업
In the Rule page, activate and reapply the rule to reevaluate the risk score on the active test result.