Guardium®
Insights SaaS allows
integrations with a variety of ticketing services so that you can create tickets based on Guardium
Insights SaaS findings.
Before you begin
Premium This feature is
available only in the Premium edition of Guardium
Insights SaaS.
The ticketing configuration settings allow you to connect to your ticketing system by specifying
its URL and authentication credentials. If you will authenticate via an API key and secret, ensure
that you have the key and secret available for providing to Guardium
Insights SaaS.
To see the various settings, open the main menu. Open this menu by clicking the main menu icon ()) After opening the menu, select
Integrations.
Note: You can only have one enabled ticketing integration at a
time. If you are creating a ticketing integration and there is already one enabled, disable it
before creating the new integration.
Note: You can only have one enabled ticketing integration at a
time. If you are creating a ticketing integration and there is already one enabled, disable it
before creating the new integration.
Procedure
- Choose the IBM Cloud Pak for Security Cases card.
- After reading the About information, click
Next.
- Enter a unique name for the integration in the
Name field.
- URL: Enter the URL of the ticketing system (any URL for
the system can be entered - Guardium
Insights SaaS will make use
of the URL's host name only).
- Public SSL certificate: Enter the server
certificate details (to learn how to obtain an SSL certificate, see Obtaining an SSL certificate).
- Authentication Type: Enter your ticketing
system's API key in the API key field and then enter the secret in the
Key secret field.
- Organization ID: Enter your organization ID.
- After completing the configuration settings, click
Test connection to ensure that the Guardium
Insights SaaS can connect to the ticketing server.
- After testing the connection, click Finish
to save the ticketing configuration and create the integration.
- After you connect to the ticketing system, templates for tickets
are generated by Guardium
Insights SaaS. There are templates for
a variety of notification types (for example, policy alert notifications and risk notifications).
The templates map Guardium
Insights SaaS data to ticketing
fields and they include other modifiable fields.
- To enable or disable any of the notification templates, click the slider next to the
template.
- If a template is enabled, you can modify it by clicking Edit
next to the template.
- To create a template for the notification from scratch, click Create a
template.
Results
After you create a ticketing integration, it is automatically enabled. You can
disable or delete the integration by selecting its menu in the Connected
integrations section of the Integrationspage. You can also open the
integration and click its top right hand slider to enable or disable it.