Adding scanned data to BMC Helix Automation Console by using Jitterbit Harmony

BMC Helix iPaaS, powered by Jitterbit provides a pre-built integration template to add data scanned to BMC Helix Automation Console (previously BMC Helix Vulnerability Management). To use the integration template with the values defined out of the box, you update the project variables with details of your systems and deploy the integration template. The integration template uses the BMC Helix iPaaS HTTP connector for API operations for BMC Helix Automation Console (import scan report operation) and Vulnerability Management System vendors (export scan report operation).

Use the template to import data scanned by using any one of the following applications:

  • Nessus Scans
  • Qualys Vulnerability Management

 The template provides the following capabilities

Use case

Nessus scan to BMC Helix Automation Console

Add Nessus scan data files

Imports a single or multiple scan data into BMC Helix Automation Console. Multiple scans can be provided as a comma-separated list in the project variable defined for Nessus scan IDs.

Runs the import manually on demand or automatically based on a configured schedule.
Use caseQualys Vulnerability Management to BMC Helix Automation Console
Add Qualys scan data files

Imports a single or multiple scan data into BMC Helix Automation Console. Multiple scans can be provided as a comma-separated list in the project variable defined for Qualys scan references.

Important:

Due to the limitation associated with the reference ID generated for Qualys cans, you can use the scan reference ID to download the scan only once.

The template uses the unique reference ID generated for a Qualys scan to download the file. This reference ID is a single use ID, and if you run the same scan again, Qualys generates a new reference ID for it, which invalidates the existing reference ID used to download the scan file.

Due to this limitation, you cannot define specific scans to be run periodically and synced with BMC Helix Automation Console.

Runs the import manually on demand.  

After you deploy the integration template, scanned data is automatically sent to BMC Helix Automation Console.  

Scanned data to BMC Helix Automation Console data flow

The following image gives an overview of the data flow for adding scanned data to BMC Helix Automation Console:

Before you begin

The following items are required for you to successfully set up and use this integration: 

Required versions

Make sure you have access to the following applications:

  • Qualys Vulnerability Management version 10.18.0.1-1
  • Nessus Vulnerability Management version 8.1.00
  • BMC Helix Automation Console version 20.08 and later
Authentication and permissions

A BMC Helix Automation Console user must:

  • have administrator access to BMC Helix Automation Console
  • have Read permission
  • belong to a valid security group set to import scan reports

A Nessus system user must:

  • have  SCAN OPERATOR [24] user permissions and CAN VIEW [16] scan permissions
  • be able to specify Nessus Scan ID(s)  for which scan report needs to be downloaded
  • A Qualys Vulnerability Management user must:
    • be a valid Qualys user. 
    • be able to specify Qualys Scan Reference(s) for which the scan report needs to be downloaded.
Scan file requirements

The scan file exported from Nessus can be based on different types of scans, such as operating system or network scans. Mandatory requirements for the scan include:

  • Server name
  • Server IP address
  • Server operating system
  • Associated plugin IDs (a plugin is a check for a vulnerability)

The scan file must be in XML format, and have a  .nessus  extension.

The scan file exported from Qualys can be based on different types of scans, such as operating system or network scans. Mandatory requirements for the scan file include:

Jitterbit Harmony subscription

Obtain a valid BMC Helix iPaaS  subscription.

Application registration

Generate valid API keys for Nessus. 


To generate API keys, navigate to Settings> My Account > API keys  and click Generate. This generates a new  API Access Key and Secret Key  and makes any previously generated API keys invalid. For more information, see  Generate an API Key (Nessus) .

Task 1: To Download and import the integration template project file

  1. Download the  Import Vulnerability Qualys Nessus scanner data in BMC Helix Vulnerability Management 2022-08-01 project file to your system.
    This file contains the  BMC Helix iPaaS Cloud Studio project Import Vulnerability Qualys Nessus scanner data in BMC Helix Vulnerability Management

    Important

    Your ability to access product pages on the EPD website is determined by the license your company purchased.

  2. As a developer, log in to BMC Helix iPaaS and navigate to the Cloud Studio.

  3. On the projects page, click Import.
  4. Click Browse, and then select the file you downloaded.
    The Project Name and Organization fields are automatically populated depending on the values defined. 
  5. From the Environment list, select the environment to which you want to import this integration template, and then click Import.
    The project opens after the integration template is imported. 
  6. To open the project file at a later time, select the environment where the integration templates are available, and then select Import Vulnerability Qualys Nessus scanner data in BMC Helix Vulnerability Management (1), and click View/Edit.

Task 2: Update the project variables for the integration template

  1. Click ... next to the Environment name and select Project Variables.
  2. Update the following project variables:
    • Details to access Nessus, Qualys and BMC Helix Automation Console applications

      Project variablesAction
      Nessus
      Nessus_URL
      Enter the Nessus system URL; for example, https://HostName:port
      Nessus_Access_Key
      Enter the Nessus system API access key.
      Nessus_Secret_Key
      Enter the Nessus system API secret key.
      Qualys
      Qualys_URL
      Enter the URL of the Qualys system.
      Qualys_Username
      Enter the User ID to access the Qualys system.
      Qualys_Password
      Enter the password of the user to access the Qualys system.
      BMC Helix Automation Console
      HVM_URL
      Enter the URL of the BMC Helix Automation Console instance.
      HVM_UserEnter the user name of the user to access the BMC Helix Automation Console instance.
      HVM_PasswordEnter the password for the user to access the BMC Helix Automation Console instance.
      HVM_Login_RoleEnter role of the BMC Helix Automation Console Instance user.
      HVM_TenantID

      Enter the tenant ID of the BMC Helix Automation Console Instance.

      This value is mandatory if the user belongs to multiple tenants.

      HVM_VendorEnter the name of the BMC Helix Automation Console Vendor. Enter Nessus. You can add only one vendor per project.
      HVM_Cloud_User

      Enter one of the following values for this flag to define the type of user for the BMC Helix Automation Console instance: 

      • True: For a cloud user
      • False: For a Server Automation user
      Scan_References

      Enter the Nessus vulnerability scan IDs or the Qualys vulnerability scan reference IDs.

      Use comma separated values for multiple options.

    • Filters for scanned data

      Project variablesAction
      HVM_CIDR_FilterEnter the IP address of the asset for which you want to import scanned data.
      HVM_OS_Filter

      Enter the name of the operating system for which you want to import the scanned data into BMC Helix Automation Console system. 

      You can set the following values for this variable:

      • Windows
      • Linux
      • Others

      Use comma separated values to add multiple options.

      HVM_Severity_Filter

      Enter a vulnerability severity value for which we want to import the scanned data. 

      You can set the following values for this variable:

      • 5 - for critical
      • 4 - for High
      • 3 - for Medium
      • 2 - for Low
      • 1 - for Info

      Use comma separated values to add multiple options.

    • Email notification configurations

      Project variablesAction
      Email_SMTP
      Enter the SMTP host details for emails configuration.
      Email_Recipients
      Enter the email address to which you want to send the failure notification emails. Use comma separated values for multiple names.
      Email_From_Address
      Enter the email address from which the failure notification emails should be sent

Task 3: (Optional) To update the defined schedule for importing scans

  1. As an administrator, log in to BMC Helix iPaaS and navigate to the Cloud Studio.
  2. Open the Import Vulnerability scanner data in BMC Helix Vulnerability Management project, and navigate to the Integration Workflow workflow. 
  3. To define a schedule for importing scans, select the Components tab.
  4. Select Schedules > Scan Import Schedule, click .... and select View/Edit.
  5. On the Edit Schedule page, update the following values to define your custom import schedule: 

    Field nameAction
    Schedule NameEnter a short name for the schedule.
    OccurrenceSelect the time and recurrence of the import.
    FrequencySelect the frequency for the import.
    DurationSelect the start and end dates for the schedule.
  6. Click Save.
  7. To enable the defined schedule, assign it to the Enable Integration operation.
    1. Select ... next to the Enable Integration operation and select Settings.
    2. On the Schedule tab, select the following options:
      • Condition— Select On Schedule.
      • Schedule—Select Scan Import Schedule.
    3. Click Assign.

Once assigned, the import of the scan reports is automatically executed based on the schedule defined.

Task 4: Deploy and enable the project

Deployment is a one-time activity that initializes the integration configurations. The UI displays a message for the deployment status.

To deploy the project and then enable the integration:

  1. To deploy the project, next to the project name, click the ellipsis ..., and select Deploy Project.
  2. To enable the integration, next to the Enable Integrations workflow, click the ellipsis ..., and select Deploy

The following image shows the steps to deploy the project and enable it by deploying the workflow:

After you enable the integration, Nessus scans are sent to BMC Helix Automation Console as per the defined schedule.

To manually execute the integration, click the ellipses ... next to the 1.0 Enable Integration operation in the workflow, and select Run.

Workflows included in the integration template

The integration template includes workflows for the basic configuration and each integration use case. The following tables describe the operations defined in each workflow. 

Integration Workflow

The Enable Integration operation integrates the operations across vendor and BMC Helix Automation Console. It defines the dummy schedule that users can modify based on their requirement to automatically run the scan imports at defined times.

HVM Workflow

This workflow imports the defined scans into BMC Helix Automation Console. 

Operation nameActions performed
HVM Login

Logs in to the BMC Helix Vulnerability instance BMC Helix iPaaS by using the credentials provided in the project variables and retrieves the auth token.

HVM Generate JWTGenerates JWT from auth token.
HVM Import Scan 

Imports scan report for the IDs defined the project variables from the BMC Helix iPaaS temporary storage into BMC Helix Automation Console console.

HVM Wrapper

Integrates all the operations in this flow into a single logical flow.

Nessus Workflow

This workflow retrieves the scan data and verifies it for export. The following operations are included in this workflow:

Operation nameActions performed
Nessus Get Scan DetailsRetrieves the recent scan history UUID for the Nessus scan IDs provided in the project variables.
Nessus Export Scan Initiates the scans for export.
Nessus Check Scan Export StatusVerifies if the exported scans are ready for import.
Nessus Download Exported Scan

Downloads the scans into the BMC Helix iPaaS temporary storage

Nessus Wrapper

Integrates all the operations in this flow into a single logical flow.


Qualys Workflow

This workflow retrieves the scan data and verifies it for export. The following operations are included in this workflow:

Operation name

Actions performed

Qualys Download Exported Scan

Downloads the scans into the BMC Helix iPaaS temporary storage.

Qualys Wrapper

Integrates all the operations in this flow into a single logical flow.

Was this page helpful? Yes No Submitting... Thank you

Comments