WHD - SolarWinds¶
This feature allows you to send vulnerabilities from Faraday to Web Help Desk from Solar Winds as an incident (using Web Help Desk from Solar Winds's Incident table).
Send vulnerabilities to Web Help Desk from Solar Winds¶
To send vulnerabilities to Web Help Desk from Solar Winds, go into our Vulnerability View, select the desired vulnerabilities, click on the Tools button and then click on the Web Help Desk from Solar Winds option.
Info
Keep in mind that only confirmed vulnerabilities can be sent.
Sending To Web Help Desk from Solar Winds¶
Once the Web Help Desk from Solar Winds dialog opens, you have two options:
1: You can use the default data saved in the Ticketing Tools section of Settings (see Save Web Help Desk from Solar Winds's Configuration for more information):
2: You can overwrite Web Help Desk from Solar Winds default data by clicking on the checkbox button and then manually input your Web Help Desk from Solar Winds credentials. Then click OK:
Issuetracker¶
Once the vulnerability has been sent to Web Help Desk from Solar Winds, add the column issuetracker, so you can see a link that will lead you to the incident in Web Help Desk.
Issuetracker's JSON¶
We added the issuetracker_json field which, if you’re using our Web Help Desk from Solar Winds integration, will give you details about the issue you created from Faraday to your ticketing instance. You can also use this field on your Executive Reports, and can render either the URL of your issue or just the ID for it.
Save Web Help Desk from Solar Winds's Configuration¶
To save Web Help Desk from Solar Winds's configuration, go to Settings:
Then go to the Ticketing Tools section:
URL¶
Use this field to save the URL of the Web Help Desk from Solar Winds's instance where you want the vulnerability to be sent.
API Key¶
Use the field to fill the Api key created in Solar Winds instance.
Template¶
Select The first Template, there is a default template already loaded in your faraday instance.
{# This is a Template for Faraday solar winds Integration #}
{# Pre-Flight Adjustments #}
{% set issuetracker_config = 'solar winds' %}
{% set http_size_config = 4096 %}
{% if 'med' in vuln.severity %}
{% set corrected_severity = 'Medium' %}
{% else %}
{% set corrected_severity = vuln.severity %}
{% endif %}
{# Issue template structure should go under this comment #}
{% if 'VulnerabilityWeb' in vuln.type %}
# [{{ corrected_severity | capitalize}}] {{vuln.name}} - ({{vuln.path}})
{% else %}
# [{{ corrected_severity | capitalize}}] {{vuln.name}}
{% endif %}
## Description
{{ vuln.desc }}
#### This issue has been rated as: `{{ corrected_severity | capitalize }}`
Affected Asset: {{vuln.target}}
{% if vuln.website %}
Affected URL: {{ vuln.website }}{{ vuln.path }}
{% endif %}
{% if vuln.hostnames %}
#### Hostnames
{% for hostname in vuln.hostnames %}
- {{hostname}}
{% endfor %}
{% endif %}
## Recommendations
{{ vuln.resolution }}
{%for ref in vuln.refs%}
- {{ref}}
{%endfor%}
{%if vuln.easeofresolution%}
#### Estimated ease of resolution
{{ vuln.easeofresolution | capitalize }}
{%endif%}
### Technical Details
{%if vuln.data%}
#### Proof of Concept
{{vuln.data}}
{%endif%}
{%if vuln.request%}
#### Request
{{vuln.request|truncate(http_size_config, False, '...', 0) }}
{%endif%}
{% if vuln.response %}
#### Response
{{ vuln.response|truncate(http_size_config, False, '...', 0) }}
{%endif%}
## Issue [{{ vuln.id }}] {{vuln.name}} [{{vuln.status}}]
{# A vulnerability might be associated with more tha one issuetracker id #}
{% for key, value in vuln.issuetracker_json.items() %}
{% if issuetracker_config in key%}
This issue has already been reported in this platform:
- {{ key | capitalize}}
{% for line in value %}
- Issue: {{line.url}}
{% endfor %}
{% endif %}
source: created by {{vuln.owner or "faraday"}} using {{vuln.tool}} - {{vuln.external_id}} - {{vuln.date}}
{% endfor %}
{# end of file #}