Adding exceptions manually

Typically, you add exceptions by importing them, but you can also manually add exceptions so that users can start associating them to their assets. In this procedure, you add an exception manually.

To add an exception manually

1. Select TrueSight Vulnerability Management > Vulnerabilities.

2. From the Security Groups list, choose the security group that you want to be assigned as the creator of the exception.
   By default, security group assigned to the currently logged-in user becomes the creator of the exception.

3. Select one or more vulnerabilities for which you want to add the exception, and click Add Exception.
   The Add Exception for Vulnerabilities dialog box appears, which shows the selected vulnerabilities in the right pane.

4. Enter the following information:

   Field	Description
   Exception Name (required)	Enter a name for the exception.
   Justification (optional)	Enter a description for the exception.
   Owner (optional)	Enter the name or email address of the user who owns the exception.
   Ticket ID (optional)	Enter the ticket ID if it has been generated after the request for adding the exception has been approved.
   Start Date  (required)	Enter the date starting from which you want the exception to be applicable.
   End Date (required)	Enter the date on which you want the exception to be expired. Once the end date arrives, exception is no more valid.
   Assets (required)	Select one of the following options: All: Exception will be applicable for all the assets on which vulnerabilities are reported. Selected: Exception will be applicable for the selected assets on which vulnerabilities are reported. When you choose to apply the exception for the selected assets, you can further use the following filters to choose the assets: By Asset Names: Filter assets by names. The default list shows all assets affected by the selected vulnerabilities present in the scan file. Exception will be applicable to the selected assets. By Tags: Filter assets by tags. Exception will be applicable to the assets which are associated with the selected tags. Also, exception will be applicable to the assets to which tags will be associated later. The default list shows the tags associated with the assets that are accessible to the currently logged-in user. Note If an asset belongs to one asset group and that asset group is assigned to a security group, and you are creating the exception using that security group, only the tags that are associated with that asset are visible in this list.

5. Click Create Exception.
   A message confirms that exception is added successfully.
6. (optional) Click the Exception Management link in the message to view the exception on the Exception Management page. By default, if the current date and time is in between the Start date and End date, exception is Active, otherwise exception is Enabled. Exception is applied to the assets once it becomes Active. For information about various statuses of an exception, see Exception status and operations.

Asset groups and exceptions

If an exception is created by one security group on an asset and that asset is accessible to another security group, then that exception is applicable to another security group as well. For example, if an exception, exc1 is created on an asset, assetA by a security group, SG1, and assetA is accessible to another security group, SG2, then the exception is applicable to SG2 as well.

If an exception is created by one security group on an asset and that security group has been assigned that asset through an asset group, and another security group has not been assigned that asset group, then that exception is not applicable to another security group. For example, there are two asset groups, AG1 and AG2 and two security groups SG1 and SG2. assetA and assetB are assigned to SG1 and assetB has been assigned to SG1. An exception, exc1 has been created by SG1 on assetA. This exception is applicable only to SG1, not SG2.