Configurations
Click here to see this page in full context


Configuration

By this point, you should be ready with your installed application. So, let's begin setting up your connector by providing the necessary configurations.

  1. Navigate to your Jira Connector Docker volume > Open '_data' > 'config'.
  2. Select config.json.template > Rename the template file to config.json.
  3. Open the renamed config.json file via a text editor and provide the following inputs:

    With v1.2.0, you can provide multiple profiles for Host Detection and WAS ticketing
    schemes. However, keep in mind, the projectKey parameter should be unique for each profile of either ticketing scheme. You cannot create multiple profiles for KnowledgeBase.

    1. Provide your Qualys credentials. The URL should be the Qualys API URL for your platform. Refer to Platform Identification to know more. Do not end the URL with '/'.
    2. Specify whether the Jira is hosted “onCloud” or “onPremise.”
    3. Provide your Jira credentials.
    4. Provide proxy network information, if required.

      Upon updating and saving the config.json files, the Qualys, Jira and proxy passwords are encrypted and replaced with a static text.

    5. Set the Profile parameters:
      • “active”: Set this parameter to true or false to enable/disable creating tickets for that profile.
      • “frequencyInMinutes”: Set the interval (in minutes) for Qualys client service to make periodic API calls to fetch data from the Qualys platform.
      • “filter”: You can set filters to fetch specific data from the Qualys platform. For Host Detection, the filters must be provided in a URL-encoded format. For WAS, the filters must be provided using escape for double For example "{\"ServiceRequest\":{\"preferences\":{\"verbose\":\"true\"} ,\"filters\":{\"Criteria\":[{\"field\":\"qid\",\"operator\" :\"NOT EQUALS\",\"value\":\"0\"}]}}}" quotes.
      • “projectKey”: Set the project key from your Jira instance under which the tickets are to be created.

        For Host Detection, default filters are
        action=list&status=New,Active, Re-Opened,
        Fixed&output_format=XML&vm_processed_after= &vm_process
        ed_before=         >and these should not be re-entered in the config file.

      • “ticketingScheme”: You can choose between inputs 1-8 for this parameter. Each number denotes the respective ticketing schemes. Refer to Understanding Ticketing Schemes to get a better understanding of ticketing schemes.

        We do not create tickets for knowledgebase. We only use the knowledgebase data to fetch a few fields for detection tickets such as diagnosis or solution.

      • “batchSize”: This parameter is only applicable for KnowledgeBase. Define the batch of QIDs to be fetched by KnowledgeBase APIs in a call. The default value is 500.
      • “hostAssetApiFilter”: This parameter is only applicable for Host Detection. Define filters for Host List values such as show_trurisk and truncation_limit. truncation_limit can only be set with this parameter. If set using the ‘filter’ parameter, the input is ignored.
      • “numberOfThreadsForJiraClient”: This field enables the Jira Client to run in multi-threading mode. Specify the number of threads to run the Jira Client on. The default value is 2, and you can set the value up to 10.
      • "JiraTicketAction": This parameter is only applicable to CS Images. Select the action for the Jira Client to perform when a new vulnerable image is discovered. The create action closes the existing ticket and creates a new ticket for every discovery. The update action updates an existing ticket.
  4. Save the file.

    Files saved from Linux editors like Vim, VI etc may not trigger the Jira connector due to limitations from the Watcher service. We recommend using tools like Winscp to make updates to the file. Otherwise, restart the Jira Connector Container after updating on your preferred editor.

    When the config.json file is saved, both containerized services - Qualys client service and Jira client service begin reading and performing the actions mentioned in Jira Connector Services.

    To upload your own config.json file rather than updating the existing template, you need to provide additional permissions for the file. We recommend the minimum permission as 706. You can set this permission by running chmod 706 config.json from Jira connector’s config directory.