Configure Tags in CSAM
Configure tags so you can apply them to assets in your subscription. This helps you to organize your assets and to manage user access to them. You can apply tags to IP addresses and web applications.
You can create tag sets.
To create tags, follow these steps:
- Go to Tags and select Create Tag.
- Enter the basic details and tag properties for your tag.
Give your tag a name (up to 1024 characters).
Select Mark as Favourite if you want to create a tag as favourite. Favourite tag will be displayed with yellow star in the list.
Add a description for your tag (optional).
Asset Criticality ScoreAsset Criticality Score
This score represents the criticality of the asset to your business infrastructure.
- You can set the asset criticality score between 1 to 5. Score 1 being the lowest criticality and 5 being the highest criticality assigned to an asset, when selected.
- If you don't select asset criticality score, by default the asset criticality score '2' will be applied to that asset.
- If your asset has multiple tags with some asset criticality score, the criticality of your asset will be the maximum criticality score among the tags. (For example, asset 'A' has three tags with asset criticality score 3, 4 and 2 then the asset criticality score of asset 'A' will be 4).
Note: You can change the criticality score from tags, but it doesn't get applied immediately to assets. The changed criticality score gets applied only after the next scan.
Color coding is a great way to organize tags. You might assign different colors to different tags.
When creating a child tag, you can select a parent tag from existing tags in your account. To select existing tag click Select and then choose a tag from Select Tags pop up. You can enable the "Search within child" checkbox. This helps you when searching for parent tags on the Tags page; related child tags will appear.
You can also create a new tag for a parent. Simply, click Create and again similar form to create a tag. You will not be able to create a new parent from this new tag. - Set up a dynamic tag type (optional).
If there is no dynamic rule, then your tag will be saved as a static tag.
There are two types of tags - Static and Dynamic. By default, static tag will be created. Dynamic tag allows you to define Tag Rules. You can select "Evaluate Rule on Creation" checkbox to evaluate dynamic rule once it is created or updated.
The following are the rules that help to identify the assets to apply tags.
Rule Description Container Security Applies the tag to container assets that match the specified container asset type. You can provide the image or container query for defining assets. Asset Name Contains Applies the tag when any part of the asset name contains the substring(s) you enter. Use the "|" (vertical bar) to separate multiple substrings without spaces. Business Information Applies the tag to assets based on business information attributes. Asset Inventory Applies the tag to assets from CyberSecurity Asset Management. Asset Inventory tag rules are available only if you have the following subscription:
- VMDR (Trial/Purchase) + GAV/CSAM (Trial/Full)
- Non-VMDR/VM + CSAM (Trial/Full)IP Address In Range(s) Applies the tag to assets with an IP in the range you enter (e.g. 172.31.254.0-172.31.254.25 or 172.31.254.0/25). IP Address In Range(s) + Network(s) Applies the tag to assets with an IP address in the specified range and belonging to the specified network(s). Network Addresses Applies the tag to assets that match the specified network address criteria.
Available criteria: IPv4, IPv6, DNS, and NetBIOSOpen Ports Applies the tag to assets whose port listing matches the ports you enter (for example: 80,123). Cloud Asset Search Applies the tag to Amazon EC2, Microsoft Azure, and Google Cloud Platform instances matching the query you provide. You can also create tags for your cloud assets. For more information, refer to the documentation. Tag your Amazon EC2 instances | Tag your Microsoft Azure instances | Tag your Google Cloud Platform instances
Vuln (QID) Exists Applies the tag to assets that have a specific vulnerability (QID) detected. Groovy Scriptlet Applies the tag to assets based on the conditions defined in your custom Groovy script. Creating tags using Groovy Scriptlet is only available to a few customers. If you do not see this option and want to use it, contact your Technical Account Manager (TAM).
Asset Search Applies the tag to assets based on search results using a custom query. Vulnerability Detection Searches Applies the tag to assets that match a specific vulnerability detection query you enter. Test Rule Applicability on Selected Assets.Test Rule Applicability on Selected Assets.
(optional) Select assets in your account to test the rule and click Apply. The result is shown in the "Test Rule Applicability on Selected Assets" section of the 'Create New Tag' page.
Pass: A green color 'Pass' tells you the asset matches the rule.
Fail: A red color 'Fail' tells you the asset does not match the rule.
Note: For the Groovy Scriptlet rule, a gear icon is shown next to the Pass or Fail result. When you click the gear icon, you can see the Groovy rule test results for the assets that you selected.
- Click Create to save the tag. When you save your dynamic tag, we apply it to all scanned hosts that match the rule you defined. You can filter the assets list to show only those that match your new tag rule.
When you save your static tag, you can apply it to your asset from the Inventory tab.
Good to Know
Why are some tags already in my account?