Good Morning. Is there a way to only create tickets only for severity level 4 and 5 vulnerabilities? Thanks, John
Hello, John. He's how you can create a policy to generate tickets for only severity 4 & 5 vulns.
Navigate to KnowledgeBase > Search Lists > New > Dynamic List
Give your Search List a title, then click on List Criteria. Scroll down and check the boxes next to Level 4 and Level 5 for Confirmed Severity (you can do the same for Potential Severity as well if you want).
Save the Search List. Now navigate to Remediation > Policies > New > Rule. Give your Policy a title, then click Conditions. Choose the Asset Groups you want to create tickets for. In the Vulnerability box, click Add Lists and add your recently created Search List to the Policy. Now under Actions, choose the actions you want for creating a ticket (user assignment, deadline, etc). Finally, save the Policy.
One additional note - Policies are evaluated in order starting from 0. If you have multiple policies, a ticket will be generated for the first policy it meets and that's all.
Link to video on VM Remediation and Ticketing - https://www.qualys.com/videos/vm-training/qualysguard-vulnerability-management-remediation-ticketing/?w=640;h=480
Retrieving data ...