Demisto - Create Incident per Asset

Demisto - Create Incident per Asset creates an incident in Demisto for each asset returned from the selected query or selected in the asset table.

Required Fields

These fields must be configured to run the Enforcement Set.

• Demisto domain - The IP address or URL for the Demisto server.
• API Key - The API key.
• Incident details - The details of the incident.
• Severity (default: 4) - The incident priority.

• Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Additional Fields

These fields are optional.

• Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
• HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
• HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
• HTTPS Proxy Password (optional) - The password to use when connecting to the server using the  HTTPS Proxy.
• Incident name - The name of the incident
• Incident type - The incident type.
• Status - The status of the incident.
• Category - The incident category.
• Incident labels - Adds these labels to the incident. Multiple labels can be added. Click + to add a label. Click x next to a label to delete it.