IBM Cloud Pak for Security Cases ticketing configuration

Guardium® Insights SaaS allows integrations with a variety of ticketing services so that you can create tickets based on Guardium Insights SaaS findings.

Before you begin

Premium This feature is available only in the Premium edition of Guardium Insights SaaS.

The ticketing configuration settings allow you to connect to your ticketing system by specifying its URL and authentication credentials. If you will authenticate via an API key and secret, ensure that you have the key and secret available for providing to Guardium Insights SaaS.

To see the various settings, open the main menu. Open this menu by clicking the main menu icon (main menu)) After opening the menu, select Integrations.

Note: You can only have one enabled ticketing integration at a time. If you are creating a ticketing integration and there is already one enabled, disable it before creating the new integration.
Note: You can only have one enabled ticketing integration at a time. If you are creating a ticketing integration and there is already one enabled, disable it before creating the new integration.

Procedure

  1. Choose the IBM Cloud Pak for Security Cases card.
  2. After reading the About information, click Next.
  3. Enter a unique name for the integration in the Name field.
  4. URL: Enter the URL of the ticketing system (any URL for the system can be entered - Guardium Insights SaaS will make use of the URL's host name only).
  5. Public SSL certificate: Enter the server certificate details (to learn how to obtain an SSL certificate, see Obtaining an SSL certificate).
  6. Authentication Type: Enter your ticketing system's API key in the API key field and then enter the secret in the Key secret field.
  7. Organization ID: Enter your organization ID.
  8. After completing the configuration settings, click Test connection to ensure that the Guardium Insights SaaS can connect to the ticketing server.
  9. After testing the connection, click Finish to save the ticketing configuration and create the integration.
  10. After you connect to the ticketing system, templates for tickets are generated by Guardium Insights SaaS. There are templates for a variety of notification types (for example, policy alert notifications and risk notifications). The templates map Guardium Insights SaaS data to ticketing fields and they include other modifiable fields.
    1. To enable or disable any of the notification templates, click the slider next to the template.
    2. If a template is enabled, you can modify it by clicking Edit next to the template.
    3. To create a template for the notification from scratch, click Create a template.

Results

After you create a ticketing integration, it is automatically enabled. You can disable or delete the integration by selecting its menu in the Connected integrations section of the Integrationspage. You can also open the integration and click its top right hand slider to enable or disable it.