Exploring Instance Scan
Summarize
Summarized using AI
This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.
Summary of Exploring Instance Scan
Instance Scan is a tool designed to assess the health and security of your ServiceNow instance by running focused checks against tables, records, or metadata. It helps detect security vulnerabilities, upgrade best practices, manageability issues, user experience, and performance concerns. The tool provides visual insights through a dashboard and supports various scan types to suit different needs.
Show less
Note that Instance Scan has limited support for domain separation; findings are segregated based on the domain of the source record.
Key Features
- Checks: Individual rules configured to detect specific anomalies or improvement opportunities within your instance.
- Results: Reports generated after scans that summarize the status and type of scan executed.
- Findings: Records identified as violating a check rule, highlighting potential issues requiring attention.
- Dashboard: A comprehensive visual interface showing the overall health of your instance based on scan results, helping you analyze and manage findings effectively.
- Quota Rules: Controls that set execution thresholds to prevent scans from running too long, ensuring system performance is not impacted.
- Scan Types:
- Full Scan: Runs all active checks across the entire instance to provide a broad health assessment.
- Point Scan: Targets a specific record, update set, or application, running only the relevant checks for that item.
- Test Scan: Allows testing of a single check to verify its effectiveness before running full scans.
- User Roles: The
scanuserrole enables users to create checks, execute scans, view findings and results, schedule scans, and monitor instance health.
Key Outcomes
- Identify and address security, performance, and upgrade-related issues within your instance proactively.
- Manage scan execution efficiently with quota rules to avoid prolonged system impact.
- Gain actionable insights through a centralized dashboard to maintain optimal instance health.
- Customize scanning scope with full, point, or test scans to fit different operational requirements.
- Empower designated users with appropriate roles to maintain and improve instance quality over time.
Next Steps
To maximize the value of Instance Scan, ServiceNow customers should explore detailed guides on configuring the tool, creating and managing checks, executing different types of scans, and analyzing results via the dashboard. This foundation helps maintain a secure, manageable, and high-performing ServiceNow instance.
If you are new to Instance Scan, read this overview to learn what the tool can do. Follow the tutorial to create checks and execute scans that uses most basics of Instance Scan features.
Note:
Instance Scan doesn't fully support domain separation. Findings are visibly
domain separated based on the domain of the source record. For more information see Domain separation.
Instance Scan overview
Instance Scan uses the following records, components and scan types.
- Checks
- Checks are singular focused rules that detect anomalies or opportunities in an instance. These checks can run against tables, records, or metadata. Checks are defined to identify security, upgrade best practices, manageability, user experience and performance vulnerabilities. See Getting started with checks for more information.
- Results
- An Instance Scan result reports the status and type of the scan. See Results for more information.
- Findings
- A finding is a reference to a record that has violated a rule from a check on the instance. See Findings for more information.
- Dashboard
- The Instance Scan dashboard is a system-wide visual representation of the health of your instance. The dashboard helps you manage and analyze the full scan results against your instance. See Instance Scan dashboard for more information.
- Quota rule
- A quota rule determines the execution threshold of a scan. The quota rule prevents the instance from running long scans. For example, any scan running longer than the threshold set by the quota rule will result in a failure. See Quota rules for more information.
- Full scan
- Execute a scan for the entire instance by selecting Execute Full Scan. Implementing a full scan runs all the active checks present in your instance.
- Point scan
- Execute all applicable checks against a single record, update set, or an application by selecting Run Point Scan. For example, if you execute a point scan against a business rule, only the checks that are applicable to the business rule table run, and only that single target record is scanned. If you execute an update set scan or an application scan, all records related to that update set or application are scanned. See Execute an app scan and Execute an update set scan for more information.
- Test scan
- Execute a test scan to verify if the check works as expected. The test scan enables you to test a single check instead of a full scan by selecting a single check and selecting Test Check on the Check form.
Instance Scan users
Instance Scan has the following roles.
| Users | Description |
|---|---|
| scan_user | The scan_user role can run different types of scans and view the findings and results. |
Instance Scan benefits
| Benefit | Feature | Users |
|---|---|---|
| Create checks and check suites to know the health of your instance | scan_user | |
| Execute scans on the created checks to review the instance health | Executing a scan | scan_user |
| Scheduling of scans and suite scan | scan_user | |
| Monitor your scans to ensure no health issues of your instance | Monitoring a scan | scan_user |
| Manage and analyze the results of full scan against your instance | Instance Scan dashboard | scan_user |
What to explore next
To learn more about using Instance Scan, see: