×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.
TrueSight Vulnerability Management 3.1 ... Using Help content for all windows

Auto-remediation details and settings

Remediation operations can be configured to allow for auto-remediation. When a Remediation operation completes and and auto-remediation is set up, additional operations are launched automatically to deploy required patches according to a schedule you define.

Note

To use auto-remediation, a deploy template must be defined for your security group, and that deploy template must be an advanced Deploy Job.

  1. On the Remediation Details tab, specify a job group and depot group to store jobs and depot content that are automatically generated during auto-remediation.
    1. In the navigation tree, expand Depot Group and select a sub-group for storing depot content.
    2. Expand Job Group (you may have to collapse the Depot Group first) and select a sub-group for storing jobs.
  2. Click the Remediation Setting tab.
  3. Select a deploy template and click Details.
    Two additional tabs appear: Deploy Settings and Phase Schedules and Execution.

  4. Optionally, inspect the settings of the template by clicking Details. TrueSight Vulnerability Management lists settings for the selected job, such as its logging level and reboot settings. To return to the list of template jobs, click Templates.

    Note

    Many options are available for controlling a remediation job. See here for a complete list. For instructions on using TrueSight Server Automation to implement those options, see Setting deploy options for remediation jobs.

    For a patch remediation operation that uses a deploy template with the Use item defined reboot settings and reboot at end of job setting enabled, targets are rebooted at the end of the job once patches are deployed. Also, associated vulnerabilities are closed for those targets for which patches are deployed once the Data Refresh cycle is run. For more information about this setting, see DeployOptions properties for controlling autoremediation.

  5. To schedule the individual phases of auto-remediation (that is, simulate, stage, and commit), perform the following steps:
    1. Click the Phase Schedules and Execution tab.
    2. Take any of the following actions:
      • If you do not want to schedule the phases of the remediation action, select Do not execute.
      • If you want to schedule all phases to run sequentially, select Execute sequentially and then specify a time zone, a start date, and a time for execution.
      • If you want to schedule each phase individually, select Execute selected phases. Select a time zone. Then specify a start date and time for each phase that you want to schedule. Instead of setting a start time, you can click After Previous Phase to indicate that the phase should begin after the previous phase completes. You can also click Not Scheduled to specify that a particular phase is not scheduled.
  6. Click OK to confirm all auto-remediation settings.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on Feb 05, 2020

Comments

Log in or register to comment.

Assets
Compliance results - Exceptions tab
© Copyright 2013 - 2019 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.