Workflows in the Vulnerability Management module


This topic describes the high-level process workflow and other workflows in the Vulnerability Management – BMC-SA-Vulnerability_Scan_Import module. 

To understand the Vulnerability Management use case, see Vulnerability-Management-module.

Process Tenable Scan Files

The Process Tenable Scan Files workflow in the BMC-SA-Vulnerability_Scan_Import module is extensible and contains rules, schedules, and configuration. The high-level process workflow internally calls other sub-processes to perform the end-to-end process of downloading the scan file from Tenable and importing it into BMC Helix Automation Console or TrueSight Automation Console. The output data of each sub-process is used as the input for the subsequent process.

The following figure shows the workflow in the TrueSight Orchestration Development Studio. 

[Figure: ProcessTenableWorkflow.png]

Retrieve Vulnerability Records

The Retrieve Vulnerability Records workflow retrieves the records from the specified Tenable application in a JSON format. 

The following table describes the input parameters for the workflow: 

| Input | Description | Required |
|---|---|---|
| URL | Specifies the URL to log on to the Tenable application. | Yes |
| Username | Specifies the user name required to log on to the Tenable application. | Yes |
| Password | Specifies the password that matches the username. | Yes |
| Filters | Specifies the filters in a key-value based XML format to be used to retrieve data that matches your requirements. See the example after this table. | No |
| Start offset | Specifies the number of records which you want to fetch from Tenable in one request. Default value is 0. | No |
| Number of records to fetch | Specifies the number of records to retrieve. By default, the number of records is based on the value specified in the Offset parameter in the BMC-SA-Vulnerability_Scan_Configuration module configuration. For example, if the value for offset is set as 1000, then this workflow retrieves a thousand records. If not specified in the workflow, the value for the offset is considered. | No |

Example of a Filters value:

    <filters>
      <filter>
        <name>severity</name>
        <operator>=</operator>
        <value>1</value>
      </filter>
      <filter>
        <name>lastSeen</name>
        <operator>=</operator>
        <value>0:10</value>
      </filter>
    </filters>
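The following added example (not from the BMC documentation or product code) builds and validates a Filters value in Python, so that filter values from outside sources cannot alter the XML structure. It assumes the element layout shown in the Filters example above; the names `build_filters` and `parse_filters` are hypothetical, and the DTD rejection is a precaution added here, not documented product behavior.

```python
import xml.etree.ElementTree as ET

FIELDS = ("name", "operator", "value")

# The Filters example from the table above.
PAGE_EXAMPLE = """<filters>
<filter><name>severity</name><operator>=</operator><value>1</value></filter>
<filter><name>lastSeen</name><operator>=</operator><value>0:10</value></filter>
</filters>"""


def build_filters(filters):
    """Build a Filters string from (name, operator, value) tuples.

    ElementTree escapes <, > and & in element text, so a value taken from
    a ticket or form cannot close its element and add a <filter> of its own.
    """
    root = ET.Element("filters")
    for triple in filters:
        if len(triple) != 3:
            raise ValueError(f"expected (name, operator, value): {triple!r}")
        node = ET.SubElement(root, "filter")
        for tag, text in zip(FIELDS, triple):
            if not str(text).strip():
                raise ValueError(f"empty <{tag}> in filter {triple!r}")
            ET.SubElement(node, tag).text = str(text)
    return ET.tostring(root, encoding="unicode")


def parse_filters(xml_text):
    """Validate a Filters string; return [(name, operator, value), ...]."""
    # Precaution added here: a filter list needs no DTD, so refuse one
    # rather than let the parser expand entity declarations.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD and entity declarations are not accepted")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"not well-formed XML: {exc}") from exc
    if root.tag != "filters":
        raise ValueError("root element must be <filters>")
    parsed = []
    for node in root:
        got = {child.tag: (child.text or "").strip() for child in node}
        if node.tag != "filter" or len(node) != 3 or set(got) != set(FIELDS):
            raise ValueError("each <filter> needs exactly name, operator, value")
        if not all(got.values()):
            raise ValueError("empty field in <filter>")
        parsed.append(tuple(got[f] for f in FIELDS))
    return parsed
```

Running `parse_filters` on a Filters string before it is passed to the workflow catches malformed or incomplete filters early, instead of surfacing them later through the workflow's error message output.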


The following table describes the output parameters for the workflow:

| Output | Description |
|---|---|
| status | Contains the status of the workflow. |
| error message | Contains the error message, if any. |
| records | Contains the records retrieved using the Tenable APIs. |
| total records | Specifies the total number of records available for the given request using the filters. |
| returned records | Specifies the total number of records retrieved. |

 
