Ticketing Scheme 1: Host Vulnerability Linking Ticket Scheme
A parent ticket (Vulnerable Host ticket) is created for every host detected and synced by the host detection API. A child ticket (Vulnerability ticket) is then created for each unique combination of QID and Port.
Vulnerability tickets are generated for vulnerabilities that haven't been marked for exclusion by the VM. To incorporate vulnerabilities designated for exclusion into ticketing schemes, use the "include_ignored=1" value in the filter parameter.
The Vulnerability tickets are:
- Linked to the Vulnerable Host ticket if respective detection status is in New/Active/Reopen.
- Unlinked from the Vulnerable Host ticket if they are re-synced in a Fixed status.
If all the Vulnerability tickets under a Vulnerable Host ticket are unlinked and there are no other linked tickets, then the Vulnerable Host tickets are closed.
Upon successfully creating tickets with Ticketing Scheme 1, your host and vulnerability details are displayed below.
Vulnerable Host Ticket:
Vulnerability Ticket:
Custom Fields for Ticketing Scheme 1 – Host-Vuln Linking
The table below lists the custom fields you can add for ticketing scheme 1. Refer to Creating Custom Fields to start adding the custom fields to your ticketing scheme.
| Issue Type | Field Name | Field Type | Searchable |
|---|---|---|---|
| Vulnerable Host | Host ID | Number | Yes |
| Asset ID | Number | Yes | |
| IP | Text - single line | Yes | |
| IPV6 | Text - single line | Yes | |
| Tracking Method | Text - single line | Yes | |
| OS | Text - single line | Yes | |
| Last Scan Datetime | Text - single line | Yes | |
| Last VM Scanned Date | Text - single line | Yes | |
| Asset Tag | Labels | Yes | |
| Primary Key | Text - Read-only | Yes | |
| TruRisk Score | Number | Yes | |
| Asset Criticality Score | Number | Yes | |
| Vulnerability | QID | Number | Yes |
| Port | Number | Yes | |
| QDS | Number | Yes | |
| Severity | Number | Yes | |
| Vuln Type | Text - single line | Yes | |
| Patchable | Text - single line | Yes | |
| PCI Flag | Text - single line | Yes | |
| Vuln Category | Text - single line | Yes | |
| Published Datetime | Text - single line | Yes | |
| CVSS Base | Number | Yes | |
| CVSS Temporal | Number | Yes | |
| CVSS V3 Base | Number | Yes | |
| CVSS V3 Temporal | Number | Yes | |
| Last Service Modification Datetime | Text - single line | Yes | |
| CVEs | Text - Multi line | Yes | |
| Diagnosis | Text - Multi-line | Yes | |
| Consequence | Text - Multi-line | Yes | |
| Solution | Text - Multi-line | Yes | |
| Primary Key | Text - Read-only | Yes |