Errors for the Vulnerability Response Integration with Claroty CTD

  • Release version: Washingtondc
  • Updated February 5, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Errors for the Vulnerability Response Integration with Claroty CTD

    This document outlines common errors encountered while using the Vulnerability Response Integration with Claroty CTD, including potential causes and recommended actions to resolve them. Addressing these errors ensures smooth integration and effective vulnerability management.

    Show full answer Show less

    Key Features

    • Vulnerability Detection Integration: Issues related to data retrieval and processing, including authentication errors and JSON response problems.
    • Vulnerability Auto-Closure Integration: Focuses on errors during data retrieval and processing, highlighting authentication and payload parsing issues.

    Key Outcomes

    By understanding these errors, ServiceNow customers can:

    • Quickly diagnose integration issues with Claroty CTD based on specific error messages.
    • Ensure proper configuration by verifying user credentials, REST message specifications, and server URLs.
    • Resolve typical data processing issues by checking attachment content and JSON validity.

    Overall, addressing these errors enhances the reliability of vulnerability response operations within ServiceNow.

    You may encounter errors that need troubleshooting while you’re working with the Vulnerability Response Integration with Claroty CTD.

    Vulnerability Detection Integration (Data Retrieval)

    Error message Possible cause
    Can’t run a Claroty CTD Integration without a user name and password combo. No user name or password is present on the integration configuration.
    Can’t run integration without a REST message and REST method specified. On the Claroty CTD Integration job record, the REST message or REST method fields aren’t populated.
    Can’t run integration without Claroty CTD server URL specified. No URL is present on the integration configuration.
    Can’t run integration without the detection API resource path specified. On the integration configuration, the detection_api_resource_path parameter isn’t populated. The default is /ranger/assets_with_insights.
    Invalid response code {response code} received from Claroty CTD. The response from the Claroty API was invalid. For example, the message Invalid response code 401 is received from Claroty CTD. This invalid response code means Unauthorized and that the credentials (user name/password) are likely invalid.
    Unable to read the count_total property from JSON data. The count_total used for pagination wasn’t present in the API response. It likely means that an invalid payload was received from Claroty CTD.

    Ensure that the Claroty CTD instance is reachable through the MID Server and examine the Data Source attachment response.json file to ensure that count_total exists.

    Vulnerability Detection Integration (Data Processing)

    Error message Possible cause
    Error writing attachment. The system couldn’t attach the response data to the Data Source. Contact your administrator for further assistance.

    A common cause for this error is that the MID Server user is missing the sn_vul.vr_import_admin role.
    Attachment content is null: attachment sys_id = {sys_id}. The Data Source attachment content is null. This could indicate an issue with the Claroty API itself, or an issue in ServiceNow. Contact your administrator for further assistance.
    Couldn’t find attachment with sys_id {sys_id}. Data Source attachment wasn’t found. Follow the same procedures for the preceding error.

    Vulnerability Auto-Closure Integration (Data Retrieval)

    Error message Possible cause
    Can’t run a Claroty CTD Integration without a user name and password combo. No user name or password is present on the integration configuration.
    Can’t run integration without a REST message and REST method specified. On the Claroty CTD Integration job record, the REST message or REST method fields aren’t populated.
    Can’t run integration without Claroty CTD server URL specified. No URL is present on the integration configuration.
    Can’t run integration without the detection API resource path specified. On the integration configuration, the detection_api_resource_path parameter isn’t populated. The default is /ranger/assets_with_insights.
    Invalid response code {response code} received from Claroty CTD. The response from the Claroty API was invalid. For example, the message Invalid response code 401 is received from Claroty CTD. This invalid response code means Unauthorized and that the credentials (user name/password) are likely invalid.
    Unable to read the count_total property from JSON data. The count_total used for pagination wasn’t present in the API response. It likely means that an invalid payload was received from Claroty CTD.

    Ensure that the Claroty CTD instance is reachable through the MID Server and examine the Data Source attachment response.json file to ensure that count_total exists.
    Error parsing 'objects' array from response body. Likely means that an invalid payload was received from Claroty CTD. Ensure that the Claroty CTD instance is reachable and check Outbound HTTP Logs to see if there was a valid response.

    Vulnerability Auto-Closure Integration (Data Processing)

    Error message Possible cause
    Failed to parse the Data Dictionary JSON. The payload from the Data Source attachment was invalid JSON. Likely another error occurs before this error occurs. Ensure that the Claroty CTD instance is reachable and check Outbound HTTP Logs to see if there was a valid response.