Use Automation to Generate Tickets
This article details how to create an automation to generate tickets when your data contain critical vulnerabilities.
Generate tickets on critical vulnerabilities
One common use case of automation involves creating tickets when there are critical vulnerabilities in your data. To create this automation, follow these steps:
Navigate to Automation.
Click Create.
Provide a title and description for the automation.
Type the following Brinqa Query Language (BQL) query to find all active findings with a critical risk rating in your data:
Find Finding AS f Where f.riskRating = "Critical" And f.status = "Active"Click Test to ensure that your query is valid and returns data.
In Actions, select Create vulnerability ticket. More options appear.
For Sprint, select the time frame for the ticket to be worked on. For example, Q1, Q2, Q3, or Q4.
For SLA, select an SLA to associate with the tickets.
For Grouping, select Type > Name and Type > Risk rating.
tipGrouping puts the tickets into specific categories so a single ticket is created rather than one ticket for every finding returned by the query.
For Assignment Policy, set a default owner. You can set it to a specific user, set it based on an attribute, or leave it unassigned.
In Run, choose a method for the Automation to run. You can run the automation manually, set a schedule for the automation to run, or you can set the automation to run as part of your daily data orchestration.
Click Create.
The Automation page reloads and your new automation appears in the list of available automations.
Run the automation
To launch and run your automation manually, follow these steps:
Navigate to Automation.
Hold your pointer over your automation entry and click Run.
Click Confirm when prompted.
After a successful run of the automation, navigate to Remediation > Tickets > All to view the tickets that the automation has created.
Hold your pointer over one of the tickets and click Show to view the details.