Guardium® Insights allows
integrations with a variety of ticketing services so that you can create tickets based on Guardium Insights findings.
Before you begin
The ticketing configuration settings allow you to connect to your ticketing system by specifying
its URL and authentication credentials. If you will authenticate via an API key and secret, ensure
that you have the key and secret available for providing to Guardium Insights.
To see the various settings, open the main menu. Open this menu by clicking the main menu icon ()) After opening the menu, select
Integrations.
Note: You can only have one enabled ticketing integration at a
time. If you are creating a ticketing integration and there is already one enabled, disable it
before creating the new integration.
Note: You can only have one enabled ticketing integration at a
time. If you are creating a ticketing integration and there is already one enabled, disable it
before creating the new integration.
Procedure
- Choose the IBM Cloud Pak for Security Cases card.
- After reading the About information, click
Next.
- Enter a unique name for the integration in the
Name field.
- URL: Enter the URL of the ticketing system (any URL for
the system can be entered - Guardium Insights will make use
of the URL's host name only).
- Optional: Public SSL certificate: Enter the server
certificate details (to learn how to obtain an SSL certificate, see Obtaining an SSL certificate).
If the URL for your ticketing system begins with
https
, Guardium Insights will attempt to
connect to it using SSL and uploading the certificate is not necessary. However, if the ticketing
service URL is prone to attack, enter the SSL certificate details here.
- Authentication Type: Enter your ticketing
system's API key in the API key field and then enter the secret in the
Key secret field.
- Organization ID: Enter your organization ID.
- After completing the configuration settings, click
Test connection to ensure that the Guardium Insights can connect to the ticketing server.
- After testing the connection, click Finish
to save the ticketing configuration and create the integration.
- After you connect to the ticketing system, templates for tickets
are generated by Guardium Insights. There are templates for
a variety of notification types (for example, policy alert notifications and risk notifications).
The templates map Guardium Insights data to ticketing
fields and they include other modifiable fields.
- To enable or disable any of the notification templates, click the slider next to the
template.
- If a template is enabled, you can modify it by clicking Edit
next to the template.
- To create a template for the notification from scratch, click Create a
template.
Results
After you create a ticketing integration, it is automatically enabled. You can
disable or delete the integration by selecting its menu in the Connected
integrations section of the Integrationspage. You can also open the
integration and click its top right hand slider to enable or disable it.