IBM Cloud Pak for Security Cases ticketing configuration

Guardium® Insights allows integrations with a variety of ticketing services so that you can create tickets based on Guardium Insights findings.

Before you begin

The ticketing configuration settings allow you to connect to your ticketing system by specifying its URL and authentication credentials. If you will authenticate via an API key and secret, ensure that you have the key and secret available for providing to Guardium Insights.

To see the various settings, open the main menu. Open this menu by clicking the main menu icon (main menu)) After opening the menu, select Integrations.

Note: You can only have one enabled ticketing integration at a time. If you are creating a ticketing integration and there is already one enabled, disable it before creating the new integration.
Note: You can only have one enabled ticketing integration at a time. If you are creating a ticketing integration and there is already one enabled, disable it before creating the new integration.

Procedure

  1. Choose the IBM Cloud Pak for Security Cases card.
  2. After reading the About information, click Next.
  3. Enter a unique name for the integration in the Name field.
  4. URL: Enter the URL of the ticketing system (any URL for the system can be entered - Guardium Insights will make use of the URL's host name only).
  5. Optional: Public SSL certificate: Enter the server certificate details (to learn how to obtain an SSL certificate, see Obtaining an SSL certificate).
    If the URL for your ticketing system begins with https, Guardium Insights will attempt to connect to it using SSL and uploading the certificate is not necessary. However, if the ticketing service URL is prone to attack, enter the SSL certificate details here.
  6. Authentication Type: Enter your ticketing system's API key in the API key field and then enter the secret in the Key secret field.
  7. Organization ID: Enter your organization ID.
  8. After completing the configuration settings, click Test connection to ensure that the Guardium Insights can connect to the ticketing server.
  9. After testing the connection, click Finish to save the ticketing configuration and create the integration.
  10. After you connect to the ticketing system, templates for tickets are generated by Guardium Insights. There are templates for a variety of notification types (for example, policy alert notifications and risk notifications). The templates map Guardium Insights data to ticketing fields and they include other modifiable fields.
    1. To enable or disable any of the notification templates, click the slider next to the template.
    2. If a template is enabled, you can modify it by clicking Edit next to the template.
    3. To create a template for the notification from scratch, click Create a template.

Results

After you create a ticketing integration, it is automatically enabled. You can disable or delete the integration by selecting its menu in the Connected integrations section of the Integrationspage. You can also open the integration and click its top right hand slider to enable or disable it.