ChangeGear - Create Incident
- 16 Mar 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
ChangeGear - Create Incident
- Updated on 16 Mar 2023
- 3 Minutes to read
- Print
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
ChangeGear - Create Incident creates a single incident in ChangeGear listing all the affected assets retrieved from the saved query supplied as a trigger (or from the entities selected in the asset table).
See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.
General Settings
- Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
- Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
- Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapter Fetch History and Asset Investigation Modules
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
- Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
Connection Settings
Click to view Connection Settings
- Use stored credentials from the ChangeGear adapter (required, default: False) - Select this option to use the first connected ChangeGear adapter credentials.NOTE
- To use this option, you must successfully configure a ChangeGear adapter connection.
- The API key used for the adapter connection must be user with permissions to create new asset.
- Host Name or IP Address (optional) - The hostname or IP address of the ChangeGear server.
- User name and Password (optional) - To connect to ChangeGear you will need to create a user with action privileges.NOTEIf Use stored credentials from the ChangeGear adapter is disabled, these fields are required.
- Verify SSL (required) - Verify the SSL certificate offered by the host supplied in Host Name or IP Address. For more details, see SSL Trust & CA Settings.
- If enabled, the SSL certificate offered by the host will be verified against the CA database inside of Axonius. If it fails validation, the connection will fail with an error.
- If disabled, the SSL certificate offered by the host will not be verified against the CA database inside of Axonius.
- HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Host Name or IP Address.
- When supplied, Axonius uses the proxy when connecting to the value supplied in Host Name or IP Address.
- When not supplied, Axonius connects directly to the value supplied in Host Name or IP Address.
- HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
- When supplied, Axonius authenticates with this value when connecting to the value supplied in HTTPS Proxy.
- When not supplied, Axonius does not perform authentication when connecting to the value supplied in HTTPS Proxy.
- HTTPS Proxy Password (optional) - The password to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
- When supplied, Axonius authenticates with this value when connecting to the value supplied in HTTPS Proxy.
- When not supplied, Axonius does not perform authentication when connecting to the value supplied in HTTPS Proxy.
Action Settings
Click to view Action Settings
- Summary (required) - Add a summary to the incident.
- Incident Type ID (optional) - The ID of the incident type.
- Incident Type (optional) - Select the incident type from the list. If Incident Type ID is used, this value is ignored.
- Impact (required) - Select the impact level from the list.
- Urgency (required) - Select the urgency level from the list.
- Priority (required) - Select the priority level from the list.
- Due in x Days (required) - The incident must be handled within the indicated number of days.
For more details about other Enforcement Actions available, see Action Library.
Was this article helpful?