Loading...
Loading...
Qualys Vulnerability Integration plugin enables to collect the data and automatically send it to the Qualys Cloud Platform, which continuously analyzes and correlates the information. It easily integrates with Security Operations to map vulnerabilities to CIs and business services to determine impact and priority of potentially malicious threats. Once the Plug-In: Qualys Vulnerability Integration is installed some of the Transform Map's and Script Includes are provided by default to import vulnerabilities into the instance. With the existing out of the box Transform Map's and Script Includes sometimes duplicate records might be observed while importing vulneribilities from qualys . Following changes were recommend to avoid Duplicate records while importing vulneribilities from qualys (on the instance where Qualys Vulnerability Integration plugin is installed. These changes will be incorporated by default in future releases of ServiceNow.
Install the Plug-In: Qualys Vulnerability Integration Once the plugin is installed some of the Transform Map's and Script Includes are provided by default to import vulnerabilities into the instance. With the existing out of the box Transform Map's and Script Includes, perform a Qualys import and sometimes duplicate records might be observed while importing vulnerabilities from qualys.
Change 1: Transform Map : Qualys Detection List Transform In transfrom https://<instance>.service-now.com/nav_to.do?uri=sys_transform_entry.do?sys_id=8dc7bc249f42120034c6b6a0942e70cb Change parameter from false to true var ci = sn_vul_qualys.QualysUtil.get().lookupCISysId(qgHost, hostId, ip, dns, netbios, false); TO var ci = sn_vul_qualys.QualysUtil.get().lookupCISysId(qgHost, hostId, ip, dns, netbios, true); Change 2:(to avoid potential CI duplicates) In Script Include: QualysSimpleCITransform (Change parameter from false to true) https://<instance>.service-now.com/nav_to.do?uri=/sys_script_include.do%3Fsys_id%3D2ec7c2cb9f31120034c6b6a0942e707d Change from: lookupSysId: function(source) { return sn_vul_qualys.QualysUtil.get().lookupCISysId(source.u_qg_hostid + "", source.u_id + "", source.u_ip + "", source.u_dns + "", source.u_netbios + "", false); }, To: lookupSysId: function(source) { return sn_vul_qualys.QualysUtil.get().lookupCISysId(source.u_qg_hostid + "", source.u_id + "", source.u_ip + "", source.u_dns + "", source.u_netbios + "", true); }, Change 3: In Script Include: QualysUtil https://<instance>.service-now.com/nav_to.do?uri=sys_script_include.do?sys_id=bb2a7dcb9f21120034c6b6a0942e70f4 Change from: (Query for name instead of fqdn) // NetBIOS match if (!gs.nil(netbios)) { ci = new GlideRecord("cmdb_ci_hardware"); ci.addQuery("fqdn", netbios); ci.query(); if (ci.next()) return ci.sys_id; } To: // NetBIOS match if (!gs.nil(netbios)) { ci = new GlideRecord("cmdb_ci_hardware"); ci.addQuery("name", netbios); ci.query(); if (ci.next()) return ci.sys_id; }
PRB1238278
Click on a version to see all relevant bugs
ServiceNow Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.