Zendesk - Create Ticket
  • 13 Feb 2024
  • 4 Minutes to read
  • Dark
    Light
  • PDF

Zendesk - Create Ticket

  • Dark
    Light
  • PDF

Article Summary

Zendesk - Create Ticket creates a ticket in Zendesk for all entities retrieved from the saved query supplied as a trigger (or from the entities selected in the asset table).

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

General Settings

  • Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
  • Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
  • Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
  • Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

  • Use stored credentials from Zendesk adapter - Select this option to use the Zendesk connected adapter credentials.
    • When you select this option, the Select Adapter Connection drop-down is available, and you can and you can choose which adapter connection to use for this Enforcement Action.

Required Fields

These fields must be configured to run the Enforcement Set.

  • Select Adapter Connection - When Use stored credentials from the Zendesk Adapter is enabled, select the adapter connection the Enforcement Action will use.

Connection Parameters

If Use stored credentials from the Zendesk Adapter is disabled, these fields are required:

  • Subdomain - The subdomain used to access Zendesk. For example, Axonius is the subdomain for https://axonius.zendesk.com.
  • User Name (required) - The username of an Axonius dedicated user account.
  • Requester ID - The ID of the user creating the ticket.
  • Instance Name - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Note - ZenDesk MFA

The ZenDesk API does not support MFA or SAML; an API token is required when using either of these:

  • User Name Email - Add the /token to the end of the account.
  • Password

Additional Fields

These fields are optional.

Connection Parameters

If Use stored credentials from the Zendesk Adapter is disabled, these fields are required:

  • API Key/Token (required) - An API Key/Token associated with a user account that has permissions to fetch assets.
  • Password - The password of the Axonius dedicated user account.
  • 2FA Secret Key - The secret generated in Zendesk for setting up two-factor authentication for the Zendesk user created to collect SaaS Management data. See Zendesk documentation for instructions on how to set up two-factor authentication (2FA) and generate the 2FA secret.
  • Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  • HTTPS proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  • HTTPS Proxy User Name - The user name to use when connecting to the server using the  HTTPS Proxy.

  • HTTPS Proxy Password - The password to use when connecting to the server using the  HTTPS Proxy.

  • Ticket subject - Enter a short description of the ticket issue.

  • Ticket body - Enter a full description of the issue.

  • Add default incident description - Includes the default incident description in the end of the ticket body. The incident description message includes the Enforcement Set name, the triggering query, the condition for executing the Enforcement, if such exists, the number of current and previous results, and a list of all affected assets.

    Message example

    Alert - "test" for the following query has been triggered: Missing Sophos

    Alert Details
    The alert was triggered because: The number of entities is above 0
    The number of devices returned by the query: 4
    The previous number of devices was: 4

    You can view the query and its results here: https://demo-latest.axonius.com/devices?view=Missing Sophos

  • Ticket Status - Select the ticket status.

  • Assignee ID - Enter the ID of the user assigned to this ticket.

  • Group ID - Enter the ID of the group to which the user creating the ticket belongs.

  • Priority (default: Normal) - Select the ticket priority.

  • Create ticket even if no new entities were added - When selecterd, a ticket is generated even if no new assets were added to the query.

  • Tags to Add - Select tags from the list or add new tags to add them to the ticket.

  • Additional fields - Specify additional fields to be added as key/value pairs in a JSON format. For example: {"field1": "value1", "field2": "value2"}. If one of the specified fields is invalid, the request might fail.

  • Attach a CSV file with the affected entities - Attach a CSV file containing the results of the query.

  • Include associated devices (only for Software and Vulnerabilities) - When enabled, a list of devices associated with the software or vulnerability is added to the ticket.


For more details about other Enforcement Actions available, see Action Library.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.