Importing security vulnerabilities
This topic describes how to import a security vulnerability into BMC Network Automation.
You can get security advisories or bulletins obtained from a vendor into BMC Network Automation by importing them. Before you import one or more files obtained from a vendor, you must define an importer that can parse those files. For more information about defining an importer, see Adding or editing security vulnerability importers.
BMC Network Automation uses the vendor associated with the security vulnerability importer and a unique ID to determine if an import file is a new or an updated security vulnerability. If the file is an updated security vulnerability, BMC Network Automation uses any supplied version to determine if the import file is newer than what BMC Network Automation already possesses. Only newer files are imported successfully. Note that the version is optional. If no version is specified in the file to be imported or in the existing vulnerability, the import process performs an update.
If the import process results in an updated security vulnerability that has associated rules, the applicable OS image (version 8.9.01 or later) or subject (version 8.9.00) patterns in those rules are updated, in which case a Refresh Device Status action is necessary to detect any new violations. An event is logged in BMC Network Automation indicating that the rule was updated, to help you determine the need for a refresh.
Also during an update, if there are associated rules, you must have the rights to edit the associated rules. The import process fails and makes no changes if you do not have the required rights.
To import a security vulnerability
- Open the Security Vulnerabilities page by navigating to Admin > Network Admin > Security Vulnerability.
- Click the Import menu option.
The Import dialog box appears. Enter the following information:
Field Description Importer From the list of all importers, choose how the source file from a vendor is to be parsed into a security vulnerability in BMC Network Automation. File Choose to import either a single file or a zipped archive containing any number of files. Single files and zipped files must meet the following conditions: - Single file: When importing a single file, it must be named with the .xml extension (case-insensitive).
- Zipped file: When importing a zipped archive, the file must be named with the .zip extension. Only contained files named with the .xml extension are processed. Also, a zipped archive might be structured into arbitrary directories/folders and subdirectories/subfolders, in which case the import process traverses the entire archive. BMC Network Automation must have enough free disk space to unzip the zipped archive into the Java temporary directory (see the System Diagnostics report for the exact location).
Match Filenames (Optional) When you choose to import a zipped archive, you might want to filter the file names selected from the archive by using asterisk as the wildcard character. For example, *.xml
filters the files named with only a.xml
extension.Abort import when encounter any error (Optional) Select this option if you want to stop the import process when an error occurs. If you are defining a new importer, this option can be useful to avoid being overwhelmed by too many errors while still debugging the importer. - Click Import.
When the import process is in progress, the status is reported file by file.
Where to go from here
Associating security vulnerabilities with compliance rules
Related topics
Viewing the security vulnerabilities listing and details
Managing security vulnerability importers
Comments
Log in or register to comment.