Closing Tickets
It is the ticket owner's responsibility to fix the vulnerability associated with the ticket or mark the ticket "Ignored". The following diagram illustrates how Open tickets are closed.
Tickets may be closed by the following methods:
a) After fixing the vulnerability related to a ticket, the user changes the ticket state to Resolved. During the next scan, the service verifies that the vulnerability is fixed and closes the ticket.
b) Tickets may be moved directly from Open to Closed state, without user action on the ticket. The user fixes the vulnerability related to the ticket. During the next scan, the service verifies that the vulnerability is fixed and closes the ticket. (The dashed line indicates that this action may be disabled by a Manager by going to Remediation > Setup.)
c) Users have the option to ignore tickets for vulnerabilities that they don't plan to fix, thus moving them to the Closed/Ignored state. You can also create a policy that creates tickets in the Closed/Ignored state for tracking purposes. Ignored tickets may be reopened at a later time automatically by the service or manually by users. (Note that Scanners and Readers may not have the ability to ignore tickets. Go to Remediation > Setup to see if Scanners and Readers have this permission.)
- When the users resolve a ticket manually, and the service re-opens/closes the ticket as required, the resolved date does not modify unless it is manually resolved again.
- If the ticket was never manually resolved and the service closes the ticket, then the resolved date matches the closed date.
- If the ticket was never manually resolved and the ticket is ignored, then the resolved date is the date it was ignored.
- If the ticket has never been resolved or closed, then there is no resolved date.