Ticketing Scheme 7: CS-Image-Link/Unlink Ticket Scheme
A parent ticket (Link Vulnerable Image ticket) is created for every image detected and synced by the container API. A child ticket (Image Vulnerability sub-ticket) is created for each unique combination of QID and Port.
The tickets are created with the ticket status as prescribed in the 'workflowmappings' parameter.
The Vulnerability tickets are:
- Linked to the Vulnerable Image ticket if respective detection status is in New/Active/Reopen.
- Unlinked from the Vulnerable Image ticket if they are re-synced in a Fixed status.
- Linked tickets with the JiraTicketAction value as Create are always kept in an open state.
If all the Image Vulnerability sub-tickets under a Vulnerable Image ticket are unlinked and there are no other linked sub-tickets, then the Vulnerable Image tickets are closed.
Link Vulnerable Image Ticket:
Link Image Vulnerability Subtickets:
Custom Fields for Ticketing Scheme 7: CS-Image-Link/Unlink Ticket Scheme
The table below lists the custom fields you can add for ticketing scheme 7. Refer to Creating Custom Fields to add custom fields to your ticketing scheme.
| Issue Type | Field Name | Field Type | Searchable | Configuration |
|---|---|---|---|---|
|
Link Vulnerable Image
|
Associated Hosts |
Text Field (multi line) |
Yes |
Wiki Style Renderer |
| DockerHub Official | Text Field (single line) |
Yes |
NA | |
| Image Created On | Text Field (single line) |
Yes |
NA | |
| Image Id: | Text Field (single line) |
Yes |
NA | |
| Image SHA: | Text Field (single line) |
Yes |
NA | |
| Image Tags |
Labels |
Yes |
NA | |
| Primary Key | Text Field (read-only) |
Yes |
NA | |
| Image Updated On |
Text Field (single line) |
Yes |
NA | |
| Last Scanned | Text Field (single line) |
Yes |
NA | |
| OS Name | Text Field (single line) |
Yes |
NA | |
| Registry Name | Text Field (single line) |
Yes |
NA | |
| Repository Name | Text Field (single line) |
Yes |
NA | |
| Scan Types | Text Field (single line) |
Yes |
NA | |
|
Total Vulns |
Number |
Yes |
NA | |
| Link Image Vulnerability | Authentication | Text Field (single line) | Yes | NA |
| Category | Text Field (single line) | Yes | NA | |
| Consequence | Text Field (multi line) | Yes | NA | |
| Diagnosis | Text Field (mutli line) |
Yes |
NA | |
|
Discovery Method |
Text Field (single line) |
Yes |
NA | |
| Patch Available | Text Field (single line) |
Yes |
NA | |
| Port |
Number |
Yes |
NA | |
| Primary Key | Text Field (read-only) |
Yes |
NA | |
| Published Date | Text Field (single line) |
Yes |
NA | |
|
QID |
Number |
Yes |
NA | |
| Qualys Detection Status | Text Field (single line) |
Yes |
NA | |
| Qualys Reported Access Vector | Text Field (single line) |
Yes |
NA | |
| Qualys Reported CVEs | Text Field (single line) |
Yes |
NA | |
| Qualys Reported CVSSv2 Base | Number | Yes | NA | |
| Qualys Reported CVSSv2 Temporal | Number | Yes | NA | |
| Qualys Reported CVSSv3.1 Base | Number | Yes | NA | |
| Qualys Reported CVSSv3.1 Temporal | Number | Yes | NA | |
| Qualys Severity | Number | Yes | NA | |
| Scan Type | Text Field (single line) | Yes | NA | |
| Solution | Text Field (multi line) | Yes | NA | |
| Supported Apps | Text Field (single line) | Yes | NA | |
| Vuln Type | Text Field (single line) | Yes | NA | |
|
Vulnerable Software |
Text Field (multi line) | Yes | Wiki Style Renderer | |
| Impact | Text Field (multi line) | Yes | NA |