--- tags: [TableCheck, instance scan, table check, health scan] --- # TableCheck Creates a table check that scans records in a specific table (`scan_table_check`). Supports three modes: - Condition-only: use `conditions` to filter records (default) - Script-only: set `advanced: true` and provide a `script` - Combined: set `advanced: true` with both `conditions` and `script` ## Signature ```typescript fluent TableCheck(config) ``` ## Usage ```typescript fluent // Condition-based check TableCheck({ $id: Now.ID['check-inactive-users'], name: 'Inactive Users with Roles', active: true, category: 'security', priority: '2', shortDescription: 'Finds inactive users that still have active roles', table: 'sys_user', conditions: 'active=false^roles!=', }) // Advanced script-based check TableCheck({ $id: Now.ID['check-large-attachments'], name: 'Large Attachment Detector', active: true, category: 'performance', priority: '3', shortDescription: 'Identifies records with oversized attachments', table: 'sys_attachment', advanced: true, script: Now.include('./check-large-attachments.js'), }) // Combined conditions and script check TableCheck({ $id: Now.ID['check-stale-incidents'], name: 'Stale Incident Detector', active: true, category: 'manageability', priority: '2', shortDescription: 'Finds incidents that are open and stale', table: 'incident', advanced: true, conditions: 'state!=6^state!=7', script: Now.include('./check-stale-incidents.js'), }) ``` ## Parameters ### config `TableCheck` **Properties:** - **$id** (required): `string | number | ExplicitKey` - **category** (required): `ScanCategory` Classifies what aspect of the instance this check evaluates - **name** (required): `string` Unique name identifying this check - **priority** (required): `ScanPriority` Severity level: 1=Critical, 2=High, 3=Moderate, 4=Low - **shortDescription** (required): `string` Brief summary displayed in scan results - **table** (required): `keyof Tables` Table to scan - **active** (optional): `boolean` Controls whether this check runs during scans. Defaults to true - **advanced** (optional): `boolean` Enables custom script mode instead of condition-based scanning - **conditions** (optional): `string` Encoded query filtering which records to evaluate - **description** (optional): `string` Full explanation of what this check evaluates and why - **documentationUrl** (optional): `string` Link to external documentation for this check - **findingType** (optional): `unknown` Table where findings are stored. Defaults to scan_finding - **resolutionDetails** (optional): `string` Guidance on how to remediate findings from this check - **runCondition** (optional): `string` Encoded query condition that must be met before this check runs - **scoreMax** (optional): `number` Maximum number of findings for scoring calculation - **scoreMin** (optional): `number` Minimum number of findings before scoring applies - **scoreScale** (optional): `number` Multiplier applied to the finding count for scoring - **script** (optional): `string` Server-side script executed when the check runs - **useManifest** (optional): `boolean` Uses the upgrade manifest to scope findings to changed records ## Examples ### Basic Table Check Create instance scan checks that scan records in specific tables using conditions or advanced scripts ```typescript fluent /** * @title Basic Table Check * @description Create instance scan checks that scan records in specific tables using conditions or advanced scripts */ import { TableCheck } from '@servicenow/sdk/core' export const inactiveUsersWithRoles = TableCheck({ $id: Now.ID['check-inactive-users-roles'], name: 'Inactive Users with Roles', active: true, category: 'security', priority: '2', shortDescription: 'Finds inactive users that still have active role assignments', table: 'sys_user', conditions: 'active=false^roles!=', description: 'Identifies user accounts that have been deactivated but still retain role assignments, which may pose a security risk if the accounts are reactivated.', resolutionDetails: 'Remove role assignments from inactive user accounts or confirm the roles are intentionally retained for reactivation.', }) export const largeAttachmentCheck = TableCheck({ $id: Now.ID['check-large-attachments'], name: 'Large Attachment Detector', active: true, category: 'performance', priority: '3', shortDescription: 'Identifies records with oversized attachments that impact performance', table: 'sys_attachment', advanced: true, script: Now.include('./check-large-attachments.js'), useManifest: true, }) export const staleIncidentCheck = TableCheck({ $id: Now.ID['check-stale-incidents'], name: 'Stale Incident Detector', active: true, category: 'manageability', priority: '2', shortDescription: 'Finds incidents that are open and stale', table: 'incident', advanced: true, conditions: 'state!=6^state!=7', script: Now.include('./check-stale-incidents.js'), }) ``` **check-large-attachments.js** ```javascript ;(function checkLargeAttachments(current) { if (current.size_bytes > 10485760) { finding.increment() } })(current) ``` **check-stale-incidents.js** ```javascript ;(function checkStaleIncidents(current) { var lastUpdated = new GlideDateTime(current.sys_updated_on) var now = new GlideDateTime() var diff = GlideDateTime.subtract(lastUpdated, now) if (diff.getNumericValue() > 7776000000) { finding.increment() } })(current) ``` For guidance on all instance scan check types, see the `instance-scan-guide` topic.