Run health scans for DevOps Change Velocity
Run health check scans on your DevOps Change Velocity instance and get recommendations on fixing any errors that may exist.
Before you begin
Role required: sn_devops.admin
Activate the DevOps Change Health Scan Content Pack application to use this feature. For information on activating a plugin, see Activate a plugin.
About this task
If you are in version (3.0 to 5.0) of DevOps Change Velocity, but you have installed the DevOps Change Health Scan Content Pack application, you can access this feature only from the Classic UI in the ServiceNow AI Platform. For more information on health scans in ServiceNow AI Platform, see Scan checks.
Scan suites are collections of security center checks that execute together. The DevOps Change Velocity Health parent suite contains the DevOps Change Velocity Health - Scheduled and DevOps Change Velocity Health - On-demand suites within it.
You can choose to run the DevOps Change Velocity Health parent scan, which will execute all the checks available in the DevOps suite of scans or run each child suite individually which will execute the checks applicable to that child suite. Using the DevOps Change Velocity Health - Scheduled child suite, you can create a schedule to regularly trigger DevOps Health instance suite scans even when you don’t have an active session. And using the DevOps Change Velocity Health - On-demand suite, you can run the available DevOps Health scan checks on a specific target to obtain focused scan results.
| Suite name | Check name | Check description | Resolution details |
|---|---|---|---|
| DevOps Change Velocity Health - Scheduled | DevOps - subflows frequently exceeding execution timeouts | DevOps capability handler subflows have a default time out limit of 45 seconds in the base system. Under normal operating conditions, these timeouts are not usually exceeded. When multiple subflows are timing out frequently, it indicates a potential issue. | Increase the timeout value for the subflow that is timing out, in the Integration Capability table. You must have the DevOps Admin role to perform this action. |
| DevOps Change Velocity Health - Scheduled | DevOps - empty roles in the base system | If any of your base system roles have an empty role reference, it could impact a wide range of DevOps functionality, including the Discover action and event processing. | See the [KB1642669] article for resolution details. |
| DevOps Change Velocity Health - Scheduled | DevOps - duplicate pipelines | The DevOps data model doesn't enforce uniqueness on key records like pipelines, which can lead to intermittent or unpredictable issues. This check identifies duplicate pipeline records in primary DevOps tables, which could cause processing problems if not addressed. | Delete the duplicate pipeline that does not have any associated pipeline executions or is not linked to an app. |
| DevOps Change Velocity Health - Scheduled | DevOps System user access | The devops.system user is used for most server side transaction processing, and in the course of that processing if it cannot access certain key tables the process will fail. Because it's not practical to verify if the user has appropriate access every time it makes a query, the failures tend to manifest indirectly, making them hard and time consuming to diagnose. This check will ensure the devops.system has appropriate access to a specific list of tables required for core product functionality. | Make sure DevOps System user exists. Ensure there are no field level ACLs on sys_connection and credential table |
| DevOps Change Velocity Health - On-demand | DevOps - incorrectly configured module access policies | If there are missing or incorrectly configured module access policies in your instance, it could impact a wide range of DevOps functionality, including tool connectivity, event processing, pipeline processing, and change creation. Auto-generated module access policies are set to reject by default. This check identifies the module access policies that are configured with the reject result state. | Set the result value of the module access policy for the DevOps application to "Track' to allow the DevOps application to access the credentials. See the [KB1112530] KB article for more details. |
| DevOps Change Velocity Health - On-demand | DevOps - change control steps with untracked pipelines | If a pipeline has change control enabled but it is not marked for tracking, a change request might not get created when it is run, and the pipeline may get stuck. | Enable tracking for pipelines under change control by selecting the Track option in the tool record page or add the pipeline to an app. |
Procedure
- Navigate to .
- In the Lists module, select Health scans > Suites.
- Select any of the scan suites based on your requirement.
- Select Execute suite scan.
Result
Once the scan is executed, you can view the results and findings of the scan in the Results and Findings lists respectively. A scan result reports the status and type of the scan. You can also see all the checks that ran as part of the scan and all other information related to the scan such as errors and scan logs. A finding is a reference to a record that has violated a rule from a check on the instance. You can find the source record and the number of times the record triggered the rules of a given check.