Create vulnerability group rules You can create rules to automatically group vulnerable items based on filter conditions. Before you beginRole required: sn_vuln.admin About this taskThe base system ships with one vulnerability group rule, Vulnerability, which groups vulnerable items by vulnerability. This rule can be modified using filter conditions and group keys. Group keys are columns in the vulnerable item table. Select up to three basic keys and/or advanced keys to indicate what values should be used to group the vulnerable items. Procedure Navigate to Vulnerabilities > Administration > Vulnerability Group Rules. Open the Vulnerability rule or click New. If New, fill in the fields on the form, as appropriate. Table 1. Vulnerability Group Rule Field Description Name Name of the group rule. Active Indicates whether the group is active. Limit vulnerable items Optional filter condition for the rule. Group by Key 1 A column in the vulnerable item table used to refine the rule. Key 2 A column in the vulnerable item table used to refine the rule. Key 3 A column in the vulnerable item table used to refine the rule. Advanced Advanced options allow you to select Keys from specific CI classes, and third-party vulnerabilities. CI class Select a CI class. CI key Select a CI key. Vulnerability class Select a Vulnerability class. Vulnerability key Select a Vulnerability key. Assignment Assign by To automate the assignment of groups created based on this rule, choose one of the options available. Assignment group Assignment group field Assignment rulesNote: If you choose the Assignment rules option, be sure to save the Group rule form to see the Assignment rules section. When automatically assigning vulnerability groups, the assignment key is used in addition to the Group By Keys to group the vulnerable items. New groups are created, as needed, to ensure that each vulnerable item is placed in a group with the specified assignment group set. Note: There are three Assignment group fields available. However, this list is a choice list field and you can add any number of group fields that are accessible by dot-walking from the Vulnerable Item (sn_vul_vulnerable_item) table. For example, if there is an Application Support group as part of the cmdb_ci support group, you can add that in this list. For more information on how to configure a choice list see definitions View choice list definitions .Note: Adding choices, especially using dot-walking, requires ServiceNow expertise. Note: The Clear Group By Keys related link removes the group keys from the form. If you decided to use one of the advanced keys instead, you can use this link to clear the group by keys before selecting your advanced options. Related TasksAdd users to the Vulnerability Response groupCreate a vulnerability group Vulnerability group rules examples Examples of vulnerability group rules using vulnerability and risk, or impact, or configuration item (CI). Vulnerability group rule to group high risk Java and Oracle vulnerable itemsThis example shows a walk-though of the rule that groups Java and Oracle VIs by vulnerability and assigns them to their respective support groups. . Right-click in the header to Save your Group By selections.Select Assign by Assignment rules in the Assignment tab. Click New.Select your conditions and choose an Assignment group. Click Submit. Repeat to add the Oracle Admin group. Click Update. Vulnerability group rule to group all high impact vulnerable items by Vulnerability and CI support group This example shows the form field settings for a group rule for high impact VIs that assigns them to the CI support group. Vulnerability group rule to group all the high risk vulnerabilities on an external-facing CI in a German data center This example shows the form field settings for a group rule for high risk vulnerabilities on external facing CIs in a German data center. They are assigned to the German data center assignment group.