Exploring Instance Scan

  • Release version: Yokohama
  • Updated January 30, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Exploring Instance Scan

    Instance Scan is a tool designed to evaluate the health of your ServiceNow instance by running focused checks that identify security issues, upgrade best practices, manageability challenges, user experience, and performance vulnerabilities. It supports various scan types to analyze tables, records, or metadata, providing actionable insights to maintain and improve your instance.

    Show full answer Show less

    Note that Instance Scan has limited support for domain separation; findings are separated visually by the domain of the source record.

    Key Features

    • Checks: Rules that detect anomalies or improvement opportunities in your instance. Checks can be created and grouped into suites.
    • Scan Types:
      • Full Scan: Runs all active checks against the entire instance.
      • Point Scan: Executes applicable checks against a specific record, update set, or application, targeting only relevant data.
      • Test Scan: Allows testing of individual checks to verify their effectiveness before running broader scans.
    • Results and Findings: Scan results report the status and type of scan executed, while findings highlight specific records that violated check rules.
    • Dashboard: Provides a system-wide visual summary of instance health, allowing easy management and analysis of scan outcomes.
    • Quota Rule: Controls scan execution time to prevent long-running scans from impacting system performance by setting thresholds for scan duration.
    • User Roles: The scanuser role enables users to create checks, execute scans, schedule scans, monitor scan results, and analyze instance health.

    Practical Benefits for ServiceNow Customers

    • Create and customize checks to continuously monitor and improve instance health.
    • Run targeted or comprehensive scans based on your operational needs, ensuring efficient use of resources.
    • Schedule scans to automate regular health assessments, keeping your instance compliant and optimized.
    • Monitor scan results through a centralized dashboard to quickly identify and address potential issues.
    • Leverage quota rules to maintain system stability by controlling scan execution times.

    Next Steps

    To effectively utilize Instance Scan, customers can explore configuration options, learn how to create and execute scans, and use the dashboard for ongoing monitoring. Detailed guides and references are available to assist with these tasks.

    If you are new to Instance Scan, read this overview to learn what the tool can do. Follow the tutorial to create checks and execute scans that uses most basics of Instance Scan features.

    Note:
    Instance Scan doesn't fully support domain separation. Findings are visibly domain separated based on the domain of the source record. For more information see Domain separation.

    Instance Scan overview

    Instance Scan uses the following records, components and scan types.
    Checks
    Checks are singular focused rules that detect anomalies or opportunities in an instance. These checks can run against tables, records, or metadata. Checks are defined to identify security, upgrade best practices, manageability, user experience and performance vulnerabilities. See Getting started with checks for more information.
    Results
    An Instance Scan result reports the status and type of the scan. See Results for more information.
    Findings
    A finding is a reference to a record that has violated a rule from a check on the instance. See Findings for more information.
    Dashboard
    The Instance Scan dashboard is a system-wide visual representation of the health of your instance. The dashboard helps you manage and analyze the full scan results against your instance. See Instance Scan dashboard for more information.
    Quota rule
    A quota rule determines the execution threshold of a scan. The quota rule prevents the instance from running long scans. For example, any scan running longer than the threshold set by the quota rule will result in a failure. See Quota rules for more information.
    Full scan
    Execute a scan for the entire instance by selecting Execute Full Scan. Implementing a full scan runs all the active checks present in your instance.
    Point scan
    Execute all applicable checks against a single record, update set, or an application by selecting Run Point Scan. For example, if you execute a point scan against a business rule, only the checks that are applicable to the business rule table run, and only that single target record is scanned. If you execute an update set scan or an application scan, all records related to that update set or application are scanned. See Execute an app scan and Execute an update set scan for more information.
    Test scan
    Execute a test scan to verify if the check works as expected. The test scan enables you to test a single check instead of a full scan by selecting a single check and selecting Test Check on the Check form.

    Instance Scan users

    Instance Scan has the following roles.
    Users Description
    scan_user The scan_user role can run different types of scans and view the findings and results.

    Instance Scan benefits

    Benefit Feature Users
    Create checks and check suites to know the health of your instance scan_user
    Execute scans on the created checks to review the instance health Executing a scan scan_user
    Scheduling of scans and suite scan scan_user
    Monitor your scans to ensure no health issues of your instance Monitoring a scan scan_user
    Manage and analyze the results of full scan against your instance Instance Scan dashboard scan_user

    What to explore next

    To learn more about using Instance Scan, see: