Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Tables installed with Security Support Common

Tables installed with Security Support Common

Security Support Common adds the following tables.
Table 1. Tables installed with Security Operations Common Support
Table Description
Additional Filter Group Condition

[sn_sec_cmn_m2m_filter_group_condition]

Contains conditions associated with filter groups. Filter groups can have multiple conditions associated with a single filter group.
Email Parser

sn_sec_cmn_email_transform

Indicates how to parse email events into records.
Duplication Action

[sn_sec_cmn_duplication_action]

When an email rule is set to ‘Update duplicate record’, defines the actions that should take place to update the record.
Duplication Rule

[sn_sec_cmn_duplication_rule]

Defines rules on how to define and handle duplicate records created using the email parser.
Enrichment Data

[sn_sec_cmn_enrichment]

Enrichment table containing basic information gathered during a specific enrichment process.
Enrichment Data Mapping

[sn_sec_cmn_enrichment_data_mapping]

Table that holds the enrichment mappings.
Enrichment Data Mapping Base

[sn_sec_cmn_enrichment_data_base]

Base table for specific enrichment tables, holds general fields that are common among different enrichments. Only used for table inheritance (for example sn_si_network_statistics).
Enrichment Data Mapping Field

[sn_sec_cmn_enrichment_data_mapping_field]

A field mapping for the enrichment process.
Escalation

[sn_sec_cmn_escalation]

Defines an escalation group for security incidents.
Exchange Search

[sn_sec_cmn_exchange_search]

Groups different search criteria.
Exchange Search Criteria

sn_sec_cmn_search_criteria

Search Criteria that builds the query to search / delete emails in Exchange Server.
Exchange Search Result

[sn_sec_cmn_exchange_search_result]

Saves output returned from the Exchange server.
Field Mapping

[sn_sec_cmn_field_mapping]

Maps the results of a data enrichment integration to the data enrichment tables.
Field Mapping Field

[sn_sec_cmn_field_mapping_field]

Specifies the mapping from integration result names to the appropriate data enrichment table column.
Field Transform

[sn_sec_cmn_email_field]

Defines where to find the value for a field within an email in email processing.
Filter Group

[sn_sec_cmn_filter_group]

Creates a generic group for any table type.
Integration Data Source

[sn_sec_cmn_int_data_src]

Imports threat and vulnerability data from external sources by associating the retrieved data with a data source.
Integration Data Source Import Queue Entry

[sn_sec_cmn_ds_import_q_entry]

Imports queue entries for importing threat and vulnerability information from external sources.
Integration Item Category

[sn_sec_core_integration_item_category]

List of available integration categories (such as end point protection, firewall, vulnerability scanner).
Integration Item Configuration

[sn_sec_core_integration_item_config]

Contains values used to support integrations (such as username, password, or API key).
Integration Process

[sn_sec_cmn_integration_process]

Holds information about a single step in the execution of an integration run. Some integration runs may include multiple process steps.
Integration Run

[sn_sec_cmn_integration_run]

Keeps track of attempts to execute an integration. Stores information about the specific integration attempt.
Manually Added Records

[sn_sec_cmn_m2m_filter_group_manual]

Configures lists of non-CI and non-task records belonging to a filter group.
Manually Added CI

[sn_sec_cmn_m2m_filter_group_ci]

Configures lists of CIs belonging to a filter group.
Manually Added Tasks

[sn_sec_cmn_m2m_filter_group_task]

Configures lists of tasks belonging to a filter group.
Rate limit

[sn_cmn_rate_limit]

Defines a rate limit to be used on a lookup source or scanner.
Scan

[sn_sec_cmn_scan]

A threat lookup or vulnerability scan. Contains what to look up or scan, with what lookup source or scanner, and a summary of the results.
Scan Queue Entry

[sn_cmn_scan_q_entry]

A threat lookup or vulnerability scan record queued for lookup, scan, or processing. Facilitates the requests within stated rate limits.
Scanner

[sn_sec_cmn_scanner]

Defines third-party lookup source or scanners to use in lookups or scans.
Scanner Rate Limit

[sn_cmn_scanner_rate_limit]

Associates a lookup source or scanner with a rate limit.
Security Calculator

[sn_sec_cmn_calculator]

Contains security calculators which belong to a group, and the order in which they are executed in the group.
Security Calculator Group

[sn_sec_cmn_calculator_group]

Groups security calculators by criteria.
Security Data Integration

[sn_sec_cmn_integration]

Holds all available security integrations.
Security Email Events

[sn_sec_cmn_email_event]

Incoming email events, used to trigger email processing.
Security Integration Item

[sn_sec_core_integration_item]

Information about all the available security integrations.
Security Operations Rate Limit

sn_sec_cmn_rate_limit

Parent table for rate limits, used by threat scanning and vulnerability scanning.
Security Operations Widgets

[sn_sec_cmn_widgets]

Generates data for dashboard widgets.
Simple REST Integration

[sn_sec_cmn_rest_integration]

Supports scheduled integration to external security tools via REST.
Workflow Triggers

[sn_sec_cmn_workflow_trigger]

Defines conditions by which to launch workflows.
Workflow Triggers Workflow

[sn_sec_cmn_m2m_workflow_workflow_trigger]

Associates workflows with workflow triggers.