Create a watch topic in the Vulnerability Manager Workspace

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read

    • Vulnerability managers and analysts can create watch topics using a set of conditions to filter out subsets of records (VITs, AVITs, CVITs or CTRs) that they want to monitor.

    Before you begin

    Role required:
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (TRs)

    About this task

    On the Overview tab of watch topics, a trending report that is updated nightly, along with other reports, show the current status of the records for that watch topic.

    Note:
    Starting with v19.0 of Vulnerability Response, the following terms have been renamed:
    Table 1. Changes in terminology
    Terminology prior to v19.0 Terminology v19.0 onwards
    Test Result Groups Remediation Tasks
    Configuration Issues Configuration Test Results
    Policy Test group

    Procedure

    1. Navigate to All > Vulnerability Response > Vulnerability Manager Workspace > Watch Topics.
    2. Optional: Alternatively, to the right of the Create remediation effort button, click the three dots, followed by edit to modify an existing watch topic.
      Note:
      You might notice a delay before current data is displayed for a watch topic after you change the filtering.
    3. In the lower left of the page, click Create Watch Topic.
    4. In the modal that displays, fill in the fields.
      For more information on the Create watch topic modal fields, seeCreate Watch Topic form fields.
    5. Define conditions for the selected record category.
      Option in Category drop-downSteps
      Host Vulnerabilities

      In the Vulnerable Item Condition, define conditions to identify the host vulnerabilities.

      The host vulnerabilities are detected based on the set conditions.
      Application Vulnerabilities

      In the Application Vulnerable Item Condition, define conditions to identify the host vulnerabilities.

      The application vulnerabilities (or AVITs) are detected based on the set conditions.
      Container Vulnerabilities

      In the Container Vulnerable Item Condition, define conditions to identify the host vulnerabilities.

      The container vulnerabilities (CVITs) are detected based on the set conditions.
      Configuration Test Results

      In the Configuration Test Results Condition, define conditions to identify the configuration issues.

      The configuration test results are detected based on the set conditions.
      Note:
      If you don't set any conditions in your watch topic, no data is pulled to the dashboard.
    6. Click Submit.
      Your new watch topic is displayed on the Home landing page. The watch topics are categorized by record type in the navigation pane.
      Figure 1. Version 19.0 Vulnerability Manager Workspace Home page
      Version 19.0 Vulnerability Manager Workspace Home page

    What to do next

    Create a remediation effort.