-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create a task for each host and a sub-task for each vulnerability #303
Comments
Totally possible, would simply require adjusting the config file by switching the task and subtask settings and adjusting the fields to properly support this. I will note that at the moment, we haven't tested any nuance from this setup. |
I think I remember that in the old version we had this possibility, also, I have a scenario where I have multiple tenable tenants and I need to Integrate all of them in a single Jira tenant, is there any best practices advice for this? At the moment I am just creating the projects based on a template, but I caught some issues with jira screens for example. |
If your trying to blend in multiple integration sources and you want to ensure no conflict occurs, you may want to add a field that is simply a static value, and then assign that value differently for each run. You'd also want to modify the search to support it. For example: Add this at the bottom of the file...[[jira.fields]]
name = "Tenant Name"
screen_tab = "Asset"
type = "readonlyfield"
searcher = "textsearcher"
task_types = ["subtask"]
static_value = "tenant-123" Then adjust the search like so:[jira.subtask]
# What fields should we use to search for a matching Sub-Task within Jira?
search.tvm = [
"Tenant Name",
"Tenable Platform",
"Tenable Plugin ID",
"Tenable Asset UUID",
"Vulnerability Port",
"Vulnerability Protocol"
]
search.tsc = [
"Tenant Name",
"Tenable Platform",
"Tenable Plugin ID",
"Tenable Asset UUID",
"Device IPv4 Addresses",
"Device IPv6 Addresses",
"Vulnerability Port",
"Vulnerability Protocol"
] As mentioned before, I'd have to build a clean config to flip the logic from Vuln->Asset to Asset->Vuln, and that may take me a bit of time to get around to doing that and testing. |
Ok, thank you very much!! I tried myself inverting the logic to Asset -> Vulns but i got a lot of errors, so I think I will have to wait. |
Yeah the current configuration examples make a lot of assumptions on the predominant workflow of Vuln->Asset. Let me know of the tenant blending is working. if it is I'll consider that part as resolved and flag this issue as a backlog item to get to a bit later. |
Yeah the multiple tenants are working also because of the project id in Jira, i created a project for each so each vulnerability goes to the right project, I was having some problems mainly because of jira screens, but i created a project template and then changed the key for each one, so this is resolved. |
Would love to see if we can configure Asset -> Vuln in the near future. |
Hello!
The integration creates a task for each vulnerability and creates each vulnerability instance as a sub-task.
We need an option to create a task for each host and a sub-task for each vulnerability affecting that host. This would be the opposite approach. Is it possible?
The text was updated successfully, but these errors were encountered: