Active CIs Updated in Last 90 days Get Well Playbook Refresh Stale CIs in your CMDB A guide for how to refresh stale CIs Table of Contents Summary. 3 Audience. 3 Problem Overview.. 3 Executive Summary. 4 How this playbook can help you achieve your business goals 4 How this playbook is structured. 4 Problem Analysis 4 Upstream Causes 4 Downstream Consequences 5 Impact on Your Business 5 Engagement Questions 6 Remediation Plays 6 Summary. 6 Analysis Play. 6 Fix Play. 8 Data Governance Play. 10 Summary Goal of this Playbook The goal of this playbook is to help you identify and refresh the stale configuration items (CIs) in the Configuration Management Database (CMDB). Author Emir EminovicDate 06/25/2020Addresses HSD # HSD0002998, HSD0003550Applicable ServiceNow Releases All ReleasesTime required Approximately 1-4 Hours Audience Configuration Managers or Configuration Management teamServiceNow Administrators Note: As you follow the instructions in this playbook, you may need help from people in the following roles: Discovery AdministratorAsset ManagerThird-party Application Owner Problem Overview A stale configuration item (CI) is one that you have not updated within a specific number of days (for example, 90 days). Stale CIs can lead to: Incorrect decisions where the data is used (for example, at the Application Level). Inaccurate classification of risk and level of urgency, which can increase the mean-time-to-respond (MTTR).Erosion of trust in the CMDB. Stale CIs being marked as non-operational, which can negatively affect system performance.Inaccurate lifecycle states, which can create a poor user experience. Executive Summary How this playbook can help you achieve your business goals Incident Reduction Data Accuracy Process Automation Data Accuracy Audit/Compliance System Integrity Lower MTTR Data Validation How this playbook is structured This playbook guides you through three plays. The first play (an analysis play) lets you see the number of stale CIs in your CMDB, if any. The second play (a fix play) lists the methods you can use to refresh the stale CIs, and helps you choose one or more of those methods. The third play (a governance play) explains the processes you can use to prevent creating stale CIs. Problem Analysis Upstream Causes The following can create stale CIs: Data population has not been scheduled or has not been done in the last 90 days. Issues with Discovery, such as: Discovery has not been scheduledDiscovery does not complete due to errors, such as an expired credentialDiscovery coverage is insufficient Custom CI Import jobs or integrations are not working, or the refresh period has been changed to more than 90 days. Decommissioning processes are set up incorrectly or Lifecycle states are not updated.Legacy data or manual entries are not connected to any automated discovery process.Previously imported legacy data has not been refreshed. Downstream Consequences Data Consequence Data is out-of-dateCI state is out-of-date date Relationships to other CIs and services are out-of-date Ownership Information is out-of- date Data is overloaded (bloated) Operation Consequence If you cannot trust the data in the CMDB, you may decide to create a source that you can trust. For example, you might create an additional report or vendor console. Having two data sources can lead to additional overhead activities and integration problems. Stale CI data can cause service outages or configuration errors. Application Consequence The stale CIs cause lower CMDH Health Dashboard Correctness scores.Applications that use the stale CIs in the CMDB, such as IT Service Management (ITSM) and IT Operations Management (ITOM), show inaccurate data. This inaccurate data can lead to incorrect decisions. Example: Asset Management: Reporting incorrect Service Pack and Security RiskReports containing stale CI information are inaccurate, require additional validations, and raise questions. Impact on Your Business Stale CIs can cause you to make incorrect decisions about data at the application level. Stale CIs can also adversely affect your high-priority business initiatives. Engagement Questions Consider the answers to these questions: Do you have automated Discovery, Service Mapping, or Import schedules? How often do run your schedules? Do you see any errors? What is the most reliable source for your CI data and specific classes? What CIs do you enter manually? Do you periodically re-certify your data (for all or some of classes)? Do you have defined CI Lifecycle states? Are you using the lifecycle state definitions included with the base system? If not, what definition states are you using? Remediation Plays Summary The table below lists and summarizes each of the remediation plays in the playbook. Details are included later. Play Name Analysis What this play is about Lets you see if you have any stale CIs in the CMDB. Required tasks If you have stale CIs, run a script to get details. Fix What this play is about Lists the methods you can use to refresh the stale CIs. Methods vary according to the root cause. Required tasks Use one or more of the available methods to refresh the stale CIs. Data Governance What this play is about Lists the methods you can use to limit the number of stale CIs. Required tasks Use one or more of the methods to limit the number of stale CIs, and ensure data accuracy. Analysis Play What this play is about This play helps you find any stale CIs in your CMDB. Option 1 : You have CMDB and CSDM Data Foundations Dashboards V 2.0.0 or higher Go to Navigator to "CMDB Data Foundations Dashboard"Inside the dashboard click on "Data Management Practices" tabReview the results for "Active CIs Updated in Last 90 days" metric Option 2 : Use the script provided below, This play includes the Analysis Play script you can use to find these CIs. The Analysis Play script sorts the CMDB data by the following categories. Data by Class: The top 10 classes with stale CIs.Data by Discovery Source: The top 5 Discovery Sources that are not refreshing the CIs.Data by Created By: The top 5 users who have created CIs but have not set up refresh schedules.Data by Location: The top 5 locations identified as the sources of the stale CIs. Required tasks Run the Analysis Play script to check for stale CIs. (Run the script as a background task.) Review the results of the script. If there are not any stale CIs, you do not need to do anything else. You have completed the Analysis Play.If there are stale CIs, you need to review them. Keep the results of the script open, and complete the tasks in the Fix Play. If you have stale CIs, output similar to the following appears. Fix Play What this play is about This play lists the methods you can use to refresh the stale CIs. Choose one of five methods (described below), based on the output of the Analysis Play script. Review the Analysis Play script output. Important: Carefully review the Analysis Play script output. It helps you identify the root causes, which then helps you decide which refresh method to use. If you have more than one root cause, you need to address all of them. Refresh the category with the largest number of stale CIs first, or refresh the stale CIs in your most important CI classes. Choose the method you want to use, based on the root cause. The table below lists the root cause and the corresponding method to choose. What is causing the stale CIs (root cause) Method to use Discovery Method A Third-party applications Method B Data Imports Method C Manually entered CI records Method D Legacy CI records Method E Method A: Root cause — Discovery does not refresh the CIs Work with your Discovery Administrator to refresh this data and fix the root cause. Examine one CI class at a time. Verify that the Discovery schedules are active and are completing successfully.Check for any Discovery errors, such as problems with credentials, or firewalls.If you are using custom patterns, see if they are set to update the Last Updated timestamp. (Optional) Consider using a business rule that retires CIs that are not discovered.Review the IP exclusion ranges.Note: If the CI is no longer in the system, consider the answers to these questions: Is your asset-decommissioning process updating the CMDB when appropriate?Have you set up a deletion strategy for the related CI classes? Method B: Root cause — Third party applications are not refreshing the CIs Contact the third-party application owner and review how the data is sent to the CMDB. Ask the following questions: How are they managing the lifecycle of a CI and how are those updates sent to ServiceNow?Are only the deltas sent over periodically?Was the data sent as a one-time only activity? Can it be set up to happen more frequently? Can a "refresh" job be performed? Check if the third-party application supports passing the data though the Identification and Reconciliation Engine (IRE).(Optional) Consider using Discovery as a validation mechanism for your CIs. Method C: Root cause — ImportSets are not updating the CIs Reimport the data. To avoid creating duplicate CIs, update the records using coalesce field matching. Specify a coalesce field and add the following text as an onBefore script to the existing transform map. This text ensures that only matching records are updated. if (action == 'insert') Ignore = true; Make sure that the onBefore script includes updated CI records (same as the step above). (Optional) Consider retiring or archiving records that are at the end of their lifecycles.(Optional) Consider using Discovery as the primary source for the CIs. Method D: Root cause — Manually entered CIs are not being updated Confirm that the CI has not been updated recently. If you know who manually entered the CI, find out why. See if there's a way to automate adding the CIs, or see if there's a way to certify periodically any records entered manually. Method E: Root cause — Stale CIs are remnants of the legacy CMDB records Are the legacy records still valid? Consider marking them as retired or non-operational, or consider archiving them. For information on archiving the records, see the Governance Play. Data Governance Play What this play is about This play lists the methods you can use to limit the number of stale CIs in your CMDB. You can use one or both of the following methods: Method A: Use a CMDB Health dashboardMethod B: Certify your CMDB data Required tasks Decide the method you want to use and follow the instructions. Method A: Setup the CMDB Health dashboard The staleness metric is included in CMDB Correctness Scorecard. Complete the CMDB Fundamentals Training.Create health inclusion rules for your most important classes.(Optional) Consider using CMDB Remediation Rules to retire the stale CIs automatically. Default Staleness Rule example Method B: Certify your CMDB Data Even when CIs are added to the CMDB correctly, the data may still be inaccurate. To help with quality control, use an independent certification process on one or more of your records. Review the information about data certifications, and be sure to adhere to your company's development and change management guidelines.Schedule the data certification to run periodicallyCertification Schedule example Congratulations You have completed this Get Well Playbook.