Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Security Operations
Table of Contents
Choose your release version
    Home Orlando Security Incident Management Security Operations Vulnerability Response Supported applications and setup for Vulnerability Response Optional Vulnerability Response setup tasks Create a CI lookup rule

    Create a CI lookup rule

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Create a CI lookup rule

    The CI Lookup Rules module contains rules that are used to find the matching record for host information received during third-party vulnerability integration imports. The host information is matched with the discovered items, unmatched configuration item classes, and the Configuration Management Database (CMDB).

    Before you begin

    Role required: v10.3 sn_vul.vulnerability.admin or sn_vul.admin (deprecated)

    Starting with v10.3, persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    About this task

    Creating CI lookup rules requires advanced ServiceNow and Vulnerability Response expertise. Rather than modifying one of the existing lookup rules, consider copying it and modifying the copy. When you are satisfied that the new rule does what you want, deactivate the original.
    Note: Rules, once removed, cannot be recovered. Rather than removing existing rules, deactivate them when creating new ones.

    Procedure

    1. Navigate to Security Operations > CMDB > CI Lookup Rules.
    2. Click New.
    3. On the form, fill in the fields.
      Table 1. CI lookup rule form
      Field Description
      Name Name of the rule.
      Lookup method Method used for matching. Choices are:
      • Script: Pre-built (IP address, DNS name, and so on) or custom script.
      • Field matching: Search on table or field in the CMDB.
      Type Type used with the Script Lookup method.
      Order Order of precedence for the rule. Rules with the lowest order are evaluated first.
      Active Check box for whether the rule is active or disabled.
      Source Source used as input to this rule.
      Source field Source field used as input to this rule. Select any field, but it is treated as a string value.
      Version 12.0: Condition Condition based on which the CI lookup rule is applied. This condition depends on the attribute from the third-party scanner.
      Note: The asset attribute is a part of the payload. It is received from the third-party scanner. See the Discovered Items table for payload examples.
      Script Editable sample script, based on the Type, is shown. Implement the custom script following the comments included in the template of the default function.
      Note:

      The process function has three parameters: rule, sourceValue, and sourcePayload

      Search on table Table to search within the CMDB. Used with field matching Lookup Method.
      Search on field Field that contains information that can be used to locate a CI. Used with the field matching Lookup method. This field may be on the CI record, or on a related record, such as a network adapter.
    4. Click Submit.

      For more information implementation information for CI Lookup Rules see, Prevent duplicate or orphaned records after running Vulnerability Response CI lookup rules.

      Figure 1. Example of a CI lookup rule using a condition builder for V12.0
      Example of a CI lookup rule using a condition builder for V12.0
      Figure 2. Example of a CI lookup rule using a script
      Example of a CI lookup rule using a script
    Related reference
    • Vulnerability Response vulnerable item form fields

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Create a CI lookup rule

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Create a CI lookup rule

      The CI Lookup Rules module contains rules that are used to find the matching record for host information received during third-party vulnerability integration imports. The host information is matched with the discovered items, unmatched configuration item classes, and the Configuration Management Database (CMDB).

      Before you begin

      Role required: v10.3 sn_vul.vulnerability.admin or sn_vul.admin (deprecated)

      Starting with v10.3, persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

      About this task

      Creating CI lookup rules requires advanced ServiceNow and Vulnerability Response expertise. Rather than modifying one of the existing lookup rules, consider copying it and modifying the copy. When you are satisfied that the new rule does what you want, deactivate the original.
      Note: Rules, once removed, cannot be recovered. Rather than removing existing rules, deactivate them when creating new ones.

      Procedure

      1. Navigate to Security Operations > CMDB > CI Lookup Rules.
      2. Click New.
      3. On the form, fill in the fields.
        Table 1. CI lookup rule form
        Field Description
        Name Name of the rule.
        Lookup method Method used for matching. Choices are:
        • Script: Pre-built (IP address, DNS name, and so on) or custom script.
        • Field matching: Search on table or field in the CMDB.
        Type Type used with the Script Lookup method.
        Order Order of precedence for the rule. Rules with the lowest order are evaluated first.
        Active Check box for whether the rule is active or disabled.
        Source Source used as input to this rule.
        Source field Source field used as input to this rule. Select any field, but it is treated as a string value.
        Version 12.0: Condition Condition based on which the CI lookup rule is applied. This condition depends on the attribute from the third-party scanner.
        Note: The asset attribute is a part of the payload. It is received from the third-party scanner. See the Discovered Items table for payload examples.
        Script Editable sample script, based on the Type, is shown. Implement the custom script following the comments included in the template of the default function.
        Note:

        The process function has three parameters: rule, sourceValue, and sourcePayload

        Search on table Table to search within the CMDB. Used with field matching Lookup Method.
        Search on field Field that contains information that can be used to locate a CI. Used with the field matching Lookup method. This field may be on the CI record, or on a related record, such as a network adapter.
      4. Click Submit.

        For more information implementation information for CI Lookup Rules see, Prevent duplicate or orphaned records after running Vulnerability Response CI lookup rules.

        Figure 1. Example of a CI lookup rule using a condition builder for V12.0
        Example of a CI lookup rule using a condition builder for V12.0
        Figure 2. Example of a CI lookup rule using a script
        Example of a CI lookup rule using a script
      Related reference
      • Vulnerability Response vulnerable item form fields

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login