Rules for identifying configuration items from third-party integrations

When data is imported from a third-party integration, the host information is searched automatically for matches in the CMDB. When a host ID match is found, it is used as the Configuration item field in the vulnerable item record. If a match is not found, or the host ID field is empty, the rules use the other host information to correctly identify the CI.

Note: CI lookup rules are available only for the Qualys and Rapid7version 6 vulnerability integrations.

CI lookup rules can be domain separated and are source-specific.

Note: CI lookup rules are shared by all deployments of the Qualys Vulnerability Integration. If a rule is deleted or modified, the deletion or changes affect all deployments of the Qualys Vulnerability Integration.

When attempting a match, the first step is a vendor ID lookup for an exact match across source, source_instance, and vendor ID. Then, lookup rules are run in order, from lowest to highest and stop when a rule returns just a single CI as a match.

CI lookup rules shipped with the Qualys Vulnerability Integration plugin [com.snc.vulnerability.qualys].

QUALYS HOST ID
FQDN
NetBIOS
DNS
IP

CI lookup rules shipped with the Rapid7 version 6 vulnerability integration plugin [sn_vul_r7]

MacAddress
FQDN
HostName
IP

Note: Rules, once removed, cannot be recovered. Rather than removing existing rules, deactivate them when creating new ones.

Rules for identifying configuration items from third-party integrations

Note: CI lookup rules are available only for the Qualys and Rapid7version 6 vulnerability integrations.

CI lookup rules can be domain separated and are source-specific.

CI lookup rules shipped with the Qualys Vulnerability Integration plugin [com.snc.vulnerability.qualys].

QUALYS HOST ID
FQDN
NetBIOS
DNS
IP

CI lookup rules shipped with the Rapid7 version 6 vulnerability integration plugin [sn_vul_r7]

MacAddress
FQDN
HostName
IP

Note: Rules, once removed, cannot be recovered. Rather than removing existing rules, deactivate them when creating new ones.

How search works:

Topics are ranked in search results by how closely they match your search terms

Rules for identifying configuration items from third-party integrations

Rules for identifying configuration items from third-party integrations

On this page

Rules for identifying configuration items from third-party integrations

Rules for identifying configuration items from third-party integrations

Log in to personalize your search results and subscribe to topics