Configure Assignment Rules
The assignment rule defines the group to which the vulnerability incident is assigned based on the group responsible for the remediation of the detected vulnerability. The incidents are automatically assigned to the appropriate team based on the criteria defined.
Currently, all incidents are assigned to the Infrastructure team.
We have provided an example of creating an assignment rule. However, you may not view this option as the permissions to create the assignment rule are restricted. To get the assignment rules created, contact your ServiceNow representative.
The following image displays the assignment rules that are available by default.
For example, the assignment rule for the Windows team:
The assignment rule criteria for cloud assets:
Perform the following steps to create a new assignment rule:
-
Go to Configuration > Assignment Rules, and click New.
- Enter required details to create the assignment rule:
- Name - Provide a name for the assignment rule.
- Active - Select the Active check box to activate the assignment rule that you create.
- Applies To - Define the conditions for the detected vulnerability for the incident assigned to the user or group.
The assignment rule is applied only if the incident has not already been assigned to any other user or group.
- Table - Select Qualys - Vulnerability Incident from the list.
- Conditions - Define conditions using single or multiple attributes and filter for this assignment rule.
The conditions can be selected based on your CMDB attributes such as, CI class, CI OS type, CI location and zone, CI IP address range/CIDR, CI assignment group, and so on.
-
Assign To - Select User or Group from the list to whom the incident is assigned.
-
Script - You can enter a script to customize the assignment rules.
-
Click Submit to create the assignment rule.