Vulnerable item age calculation and display

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Vulnerable item age calculation and display

    The Vulnerability Response application in ServiceNow now displays the age of vulnerable items (VIs) with enhanced precision in Days/Hours/Minutes format. This detailed age information appears in the Age column on the Vulnerable Items list view and in the Age and Age closed fields on individual VI records (VIT).

    Show full answer Show less

    This improvement enables more accurate management and analysis of VIs, allowing you to:

    • Configure Auto Delete Rules more precisely by targeting specific VI records based on detailed age.
    • Improve system performance by removing outdated records more effectively, especially useful for instances with large VI volumes.
    • Generate more detailed Performance Analytics reports for Vulnerability Response.
    • Create focused filters and pruned list views to display only relevant VIs.
    • Facilitate easier data navigation through dot-walking.

    How Age is Calculated and Displayed

    Previously, VI age was calculated by a scheduled job, which could slow down performance in large instances. Now, age is calculated on-demand more efficiently and displayed with greater detail automatically after installing or upgrading the Vulnerability Response application.

    If, after an upgrade, the detailed age is not visible, it indicates the age column is outdated. ServiceNow provides guidance (KB0749231) to resolve this issue.

    The Age and Age closed fields are read-only. Access permissions are as follows:

    • Vulnerability managers with snvul.vulnerabilityread permission or Vulnerability admin persona can view all age data.
    • IT remediation owners with snvul.remediationowner role can view age on records assigned to them.

    Persona and granular roles help manage user access and capabilities within Vulnerability Response.

    Age Display Details

    • Active VIs: Age is shown in Days/Hours/Minutes (e.g., 21 Days 17 Hours 17 Minutes) in the Age column on list views and in the Age field on VI records. Active VIs are those in any state except 'Closed'.
    • Closed VIs: Age is not displayed in the Age field. Instead, when a VI transitions to 'Closed', the total active time in days is saved and shown in the Age closed field. For example, a VI active for 9 days, 18 hours, and 29 minutes will show 9 days in Age closed.
    • Reopened VIs: If a VI is reopened from 'Closed', the Age closed field resets to 0, and the detailed Age in Days/Hours/Minutes resumes displaying as the VI becomes active again.

    Additional Information

    For customers interested in customizing how Age and Age closed values are calculated, ServiceNow provides detailed guidance in article KB1703270.

    The age of vulnerable items (VIs) is displayed in the Vulnerability Response application with more detail.

    Overview

    The vulnerable item (VI) age is displayed in Days/Hours/Minutes format in the Age column on the Vulnerable Items list view, and in the Age and Age closed fields on VI (VIT) records. Age displayed in more significant digits may help you more accurately perform the following activities:
    • Configure rules in the Auto Delete Rules module to target and delete specific VI records by Days/Hours/Minutes. Removing records with more accuracy may increase your performance, especially if you have a large number of VI records in your instance.
    • View reports with more specific details in the Performance Analytics for the Vulnerability Response application.
    • Create filters that identify only the VIs you want.
    • Prune list views to display only the VIs you want.
    • Dot-walk more easily.

    A scheduled job calculated age and updated all active VIs. In instances with large numbers of VI records, this process could be slow and negatively impact performance. VI age is calculated more efficiently on-demand and displayed with more significant digits with an enhanced Age column. The enhanced Age column is automatically added when you install or upgrade the Vulnerability Response application.

    Note:
    If you perform an upgrade and the VI age is not displayed in the Vulnerable Items list view and in the Age and Age closed fields on active VI (VIT) records in Days/Hours/Minutes (9 Days, 18 Hours, 29 Minutes) format, the age column is not current in your instance. For more information about how to resolve this issue after an upgrade, see KB0749231.

    The age column and fields are not editable. A vulnerability manager with the sn_vul.vulnerability_read permission or the Vulnerability admin persona can view this value, and IT remediation owners with the sn_vul.remediation_owner role can view it on records assigned to them.

    Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    VI age is displayed as shown in the following images.

    Vulnerable items list

    As shown in the following figure, on the Vulnerable Items list view, Age is displayed in the Age column in Days/Hours/Minutes (21 Days 17 Hours 17 minutes) only for active VIs. Active VIs are VIs in any states other than 'Closed'. This age value represents the number of days the VI has been active.

    The age is not displayed for VIs in the ‘Closed’ state. For VIs previously in a ‘Closed’ state and then reopened, the value represents the number of days the VI has been active since the date it was last opened.

    VI list view that shows the Age field is blank for VIs in a Closed state.

    Age on VI records

    On the VI records, the value of Age column in the list view is visible for active VIs in the Age field.

    VI Age field and State for active VI.

    The value of the Age column is not displayed for VI records in the ‘Closed’ state.

    The Age field isn't displayed for a closed VI.

    Age on the Vulnerable items list and VI records when a VI is updated

    When a VI is in the ‘Closed’ state, the Age field is not displayed. When the VI transitions to ‘Closed', the value in number of days from the Age column is displayed in the Aged closed field (9) as shown in the following figure. This value represents the number of days the VI was active before it transitioned to ‘Closed.’ For example, in the following image, this VI was active for 9 days, 18 hours, and 29 minutes, but only the number of days (9) is displayed on the closed record.

    The Age closed field on the VI record in days.

    If this VI is reopened, when the VI state transitions back to ‘Open’, the Age closed field is reset to 0. Because the VI is active again, the age in Days/Hours/Minutes is displayed in the list view in the Age column and on the Age field on the VIT.

    The Age closed field is reset to 0 and the Age field is in Days/Hours/Minutes.

    For more information on how to customize the Age and Age closed calculations, see the KB1703270 article.