Workflows in the Vulnerability Management module
This topic describes the high-level process workflow and other workflows in the Vulnerability Management – BMC-SA-Vulnerability_Scan_Import module.
For understanding the Vulnerability Management use case, see Vulnerability-Management-module.
Process Tenable Scan Files
The Process Tenable Scan Files workflow in the BMC-SA-Vulnerability_Scan_Import module is extensible and contains rules, schedules, and configuration. The high-level process workflow internally calls other sub-processes to perform the end-to-end process of downloading the scan file from Tenable and importing it in BMC Helix Automation Console or TrueSight Automation Console. Output data for each sub-process is considered as input for the subsequent process.
The following figure shows the workflow in the TrueSight Orchestration Development Studio.
The following table describes the internal sub-processes that are invoked when the Process Tenable Scan Files workflow is run and the input and output elements for the workflows:
Process name | Input | Output | Description |
|---|---|---|---|
Process Tenable Scan Files |
|
| Invokes the sub-processes. |
Read Input and Configuration Data |
|
| This workflow extracts configuration information specific to this module, which includes Web Service connection details required to log in to Tenable and Automation Console version, adapter details, and so on. |
Tenable Login |
|
| This workflow logs in to the Tenable server by using the authentication token and TNS Session ID required for subsequent calls to the Tenable server. |
Login |
|
| This workflow logs in to Automation Console by using the authentication token required for the subsequent calls to Automation Console. |
Generate Bearer Using Refresh Token |
|
| This workflow provides the Bearer Access token using the refresh token (authentication token) and tenant ID. |
Get Scan Result IDs |
|
| This workflow retrieves the list of Scan result IDs as per the given timestamp. It accepts the authentication token obtained from the Read Configuration Details workflow, and the start time, in days, from which the scan result IDs needs to retrieved. The value for the Start Time in Days is configured in the Vulnerability Management – BMC-SA-Vulnerability_Scan_Configuration module. |
Download Scan File |
|
| This workflow downloads the scan file for the given Scan result ID. It accepts the authentication token obtained from the Read Configuration Details workflow, and the scan result ID obtained from the Get Scan Result IDs workflow. The Download Directory path is configured in the Vulnerability Management – BMC-SA-Vulnerability_Scan_Configuration module. |
Import Scan File |
|
| This workflow imports the downloaded file in to Automation Console. It requires and accepts the authentication token obtained from the Login workflow and the file to be imported from the Download Scan File workflow. |
Delete Scan File |
|
| After a successful import, this workflow deletes the downloaded scan file on the TrueSight Orchestration – Configuration Distribution Peer host. |
Calculate Timestamp |
|
| This workflow calculates the past timestamp based on the specified number of days. |