Ticketing Scheme 7: CS-Image-Link/Unlink Ticket Scheme

A parent ticket (Link Vulnerable Image ticket) is created for every image detected and synced by the container API. A child ticket (Image Vulnerability sub-ticket) is created for each unique combination of QID and Port.

The tickets are created with the ticket status as prescribed in the 'worfklowmappings' parameter. 

The Vulnerability tickets are:

If all the Image Vulnerability sub-tickets under a Vulnerable Image ticket are unlinked and there are no other linked sub-tickets, then the Vulnerable Image tickets are closed.

Link Vulnerable Image Ticket:

Vulnerability Image Ticket

Link Image Vulnerability Subtickets:

Custom Fields for Ticketing Scheme 7: CS-Image-Link/Unlink Ticket Scheme

The table below lists the custom fields you can add for ticketing scheme 7. Refer to Creating Custom Fields to add custom fields to your ticketing scheme.

Issue Type

Field Name

Field Type

Searchable

Configuration

Link Vulnerable Image

 

 

 

 

 

 

 

 

 

 

 

Associated Hosts

Text Field multi line

Yes

Wiki Style Renderer
DockerHub Official Text Field single line

Yes

NA
Image Created On Text Field single line

Yes

NA
Image Id:

Number

Yes

NA
Image SHA: Text Field single line

Yes

NA
Image Tags

Labels

Yes

NA
Primary Key Text Field (read-only)

Yes

NA
Image Updated On

Text Field (single line)   

Yes

NA
Last Scanned Text Field (single line)

Yes

NA
OS Name Text Field (single line)

Yes

NA
Registry Name Text Field (single line)

Yes

NA
Repository Name Text Field (single line)

Yes

NA
Scan Types Text Field (single line)

Yes

NA

Total Vulns

Number    

Yes

NA
Link Image Vulnerability Authentication Text Field (single line) Yes NA
Category Text Field (single line) Yes NA
Consequence Text Field (multi line) Yes NA
Diagnosis Text Field (mutli line)

Yes

NA

Discovery Method   

Text Field (single line)

Yes

NA
Patch Available Text Field (single line)

Yes

NA
Port

Number

Yes

NA
Primary Key Text Field (single line)

Yes

NA
Published Date Text Field (single line)

Yes

NA

QID

Number

Yes

NA
Qualys Detection Status Text Field (single line)

Yes

NA
Qualys Reported Access Vector Text Field (single line)

Yes

NA
Qualys Reported CVEs Text Field (single line)

Yes

NA
Qualys Reported CVSSv2 Base Number Yes NA
Qualys Reported CVSSv2 Temporal Number Yes NA
Qualys Reported CVSSv3.1 Base Number Yes NA
Qualys Reported CVSSv3.1 Temporal Number Yes NA
Qualys Severity Number Yes NA
Scan Type Text Field (single line) Yes NA
Solution Text Field (multi line) Yes NA
Supported Apps Text Field (single line) Yes NA
Vuln Type Text Field (single line) Yes NA

Vulnerable Software

Text Field (multi line) Yes Wiki Style Renderer
Impact Text Field (multi line) Yes NA