Ticketing Scheme 1: Host Vulnerability Linking Ticket Scheme

A parent ticket (Vulnerable Host ticket) is created for every host detected and synced by the host detection API. A child ticket (Vulnerability ticket) is then created for each unique combination of QID and Port.

Vulnerability tickets are generated for vulnerabilities that haven't been marked for exclusion by the VM. To incorporate vulnerabilities designated for exclusion into ticketing schemes, use the "include_ignored=1" value in the filter parameter.

The Vulnerability tickets are:

  • Linked to the Vulnerable Host ticket if respective detection status is in New/Active/Reopen.
  • Unlinked from the Vulnerable Host ticket if they are re-synced in a Fixed status.

If all the Vulnerability tickets under a Vulnerable Host ticket are unlinked and there are no other linked tickets, then the Vulnerable Host tickets are closed.

Upon successfully creating tickets with Ticketing Scheme 1, your host and vulnerability details are displayed below.

Vulnerable Host Ticket:

vulnerable host ticket

Vulnerability Ticket:

Custom Fields for Ticketing Scheme 1 – Host-Vuln Linking

The table below lists the custom fields you can add for ticketing scheme 1. Refer to Creating Custom Fields to start adding the custom fields to your ticketing scheme.

Issue Type Field Name Field Type Searchable
Vulnerable Host Host ID Number Yes
Asset ID Number Yes
IP Text - single line Yes
IPV6 Text - single line Yes
Tracking Method Text - single line Yes
OS Text - single line Yes
Last Scan Datetime Text - single line Yes
Last VM Scanned Date    Text - single line Yes
Asset Tag     Labels     Yes
Primary Key Text - Read-only Yes
TruRisk Score Number Yes
Asset Criticality Score Number Yes
Vulnerability QID     Number Yes
Port     Number Yes
QDS     Number Yes
Severity     Number Yes
Vuln Type Text - single line Yes
Patchable Text - single line Yes
PCI Flag Text - single line Yes
Vuln Category Text - single line Yes
Published Datetime Text - single line Yes
CVSS Base     Number Yes
CVSS Temporal Number Yes
CVSS V3 Base Number Yes
CVSS V3 Temporal Number Yes
Last Service Modification Datetime Text - single line Yes
CVEs Text - Multi line Yes
Diagnosis Text - Multi-line Yes
Consequence Text - Multi-line Yes
Solution Text - Multi-line Yes
Primary Key Text - Read-only Yes