Created
April 6, 2022 09:44
-
-
Save cmcdevitt/84306ab24ebfcc94bf2c19a6e3e4b8c4 to your computer and use it in GitHub Desktop.
Identify Discovered Items that are not associated with a Vulnerable Item
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Sample script to find Discovered Items that are not referenced by a Vulnerable Item | |
| A VI has a Reference to a DI | |
| */ | |
| var DI_TABLE = 'sn_sec_cmn_src_ci'; | |
| var VIT_TABLE = 'sn_vul_vulnerable_item'; | |
| var found = false; | |
| var count = 0; | |
| var grVI = new GlideRecord(VIT_TABLE); | |
| //GlideRecord is just fine, I was testing PageGlideRecord at the same time | |
| //Use PageGlideRecord to be gentle on your system | |
| var diGR = new sn_vul.PagedGlideRecord(DI_TABLE); | |
| diGR.setSortField("sys_id");//Sort Field is manadatory! | |
| //I think that Matched DI are just fine | |
| diGR.addQuery('state','unmatched'); | |
| diGR.query(); | |
| while(diGR.next()){ | |
| (function() { | |
| //Note that PageGlideRecord poperty access '.gr.' | |
| found = grVI.get('src_ci',diGR.gr.getValue('sys_id')); | |
| if(!found){ | |
| //'log' is not necessary, just writing to a table to start analyzing in a dev environment | |
| var log = new GlideRecord('u_di_output'); | |
| log.initialize(); | |
| log.setValue('u_number',diGR.gr.getValue('number')); | |
| log.setValue('u_di',diGR.gr.getValue('sys_id')); | |
| log.update(); | |
| //Do something with your finding | |
| count++; | |
| //I'm thinking about flaging DI that do not have a VI | |
| //Then retiring their related CI | |
| //Then delete both over time | |
| }})(); | |
| } | |
| gs.info(count); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment