Configure tags so you can apply them to assets in your subscription. This helps you to organize your assets and to manage user access to them. You can apply tags to IP addresses and web applications.
You can create tags by completing the following steps. Also, you can create tag sets.
1) Go to Tags and select Create Tag.
2) Enter the basic details and tag properties for your tag.
Give your tag a name (up to 1024 characters).
Select Mark as Favourite if you want to create a tag as favourite. Favourite tag will be displayed with yellow star in the list.
Add a description for your tag (optional).
- Asset Criticality ScoreAsset Criticality Score
This score represents the criticality of the asset to your business infrastructure.
- You can set the asset criticality score between 1 to 5. Score 1 being the lowest criticality and 5 being the highest criticality assigned to an asset, when selected.
- If you don't select asset criticality score, by default the asset criticality score '2' will be applied to that asset.
- If your asset has multiple tags with some asset criticality score, the criticality of your asset will be the maximum criticality score among the tags. (For example, asset 'A' has three tags with asset criticality score 3, 4 and 2 then the asset criticality score of asset 'A' will be 4).
Note: You can change the criticality score from tags, but it doesn't get applied immediately to assets. The changed criticality score gets applied only after the next scan.
- Tag PropertiesTag Properties
Color coding is a great way to organize tags. You might assign different colors to different tag.
When creating a child tag, you can select a parent tag from existing
tags in your account. To select existing tag click Select
and then choose a tag from Select
Tags pop up. You can enable the "Search within child"
checkbox. This helps you when searching for parent tags on the Tags
page; related child tags will appear.
You can also create a new tag for a parent. Simply, click Create
and again similar form to create a tag displays. You'll not be able
to create a new parent from this new tag.
3) Set up a dynamic tag type (optional). If there is no dynamic rule, then your tag will be saved as a static tag.
There are two types of tags - Static and Dynamic. By default, static tag will be created. Dynamic tag allows you to define Tag Rules. You can select "Evaluate Rule on Creation" checkbox to evaluate dynamic rule once it is created or updated.
The following are the rules that help to identify the assets to apply tags.
- No Dynamic Rule: Your tag will be a static tag.
- Asset Name Contains: Applies the tag when any part of the user-definable asset name contains the substring or substrings you enter. Add multiple substrings separated by the "|" (vertical bar) with no spaces before or after.
- Business Information: Applies tags to the assets with queried business information attributes.
- Asset Inventory: Applies the tag to assets from CyberSecurity Asset Management.
Note: Asset Inventory tag rules are available only if you have the following subscription:
- VMDR (Trial/Purchase) + GAV/CSAM (Trial/Full)
- Non-VMDR/VM + CSAM (Trial/Full)
- IP Address In Range(s): Applies the tag to assets with an IP in the range you enter (e.g. 172.31.254.0-172.31.254.25 or 172.31.254.0/25).
- IP Address In Range(s) + Network(s): Applies the tag to assets with an IP in the range you enter and network.
- Open Ports: Applies the tag to assets whose port listing matches the ports you enter (e.g. 80,123).
- Cloud Asset Search: Applies the tag to Amazon EC2, Microsoft Azure, and Google Cloud Platform instances matching the query you provide. You can also create tags for your cloud assets. For more information, refer to the following:
Tag your Amazon EC2 instances | Tag your Microsoft Azure instances | Tag your Google Cloud Platform instances
- Vuln (QID) Exists: Applies the tag to assets with the vulnerability (QID).
- Groovy Scriptlet: Applies the tag to assets based on the Groovy script.
- Asset Search: Applies the tag to assets based on QID results.
- Test Rule Applicability on Selected Assets.Test Rule Applicability on Selected Assets.
(optional) Select assets in your account to test the rule and click Apply. The result is shown in the "Test Rule Applicability on Selected Assets" section of the 'Create New Tag' page.
Pass: A green color 'Pass' tells you the asset matches the rule.
Fail: A red color 'Fail' tells you the asset does not match the rule.
Note: For the Groovy Scriptlet rule, a gear icon is shown next to the Pass or Fail result. When you click the gear icon, you can see the Groovy rule test results for the assets that you selected.
4) Click Create to save the tag. When you save your dynamic tag, we apply it to all scanned hosts that match the rule you defined. You can filter the assets list to show only those that match your new tag rule.
Note: When you save your static tag, you can apply it to your asset from the Inventory tab.
Why are some tags already in my account?
Tag your Microsoft Azure instances
Tag your Google Cloud Platform instances