Hosts/Assets

When data is imported as a part of the integration, the Qualys VMDR automatically uses host (asset) data to search for matches in the ServiceNow Configuration Management Database (CMDB).

CI lookup rules are used to identify CI and add them to host detection records when vulnerability incidents are created to help you with remediation.

hosts_all

  • CI-Matched - If the IP address or host that is scanned in Qualys is part of ServiceNow CMDB, the same is categorized as matched CI. The vulnerability incident created for this hosts or assets is assigned according to the defined assignment rules.
  • CI-Unmatched - The host or asset is categorized as unmatched CI in one of the following conditions:
  • IP address or host that is scanned in Qualys is not available in CMDB
  • IRE scripts attributes do not match
  • Duplicate records of IP address or host are found in CMDB.

The vulnerability incident is created for this host or asset and is assigned to your Security team.

 To maximize the Host Asset records matching with CMDB CI records, enable the CI re-classification during IRE processing.

For Identification and Reconciliation, the following properties are used to control the re-classification and to identify the CI records:

  • glide.class.upgrade.enabled
  • glide.class.downgrade.enabled
  • glide.class.switch.enabled

For more information, refer to ServiceNow Documentation.

Set these properties as True to maximize the Host Asset records matching with CMDB CI records.

Related Topic

Find CI

Create CI

View and Manage Vulnerability incidents

 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.