Tickets Quick Start Guide

Purpose

This document provides users with a comprehensive overview of the Tickets for OUTSCAN and HIAB. This document has been elaborated under the assumption the reader has access to the OUTSCAN/HIAB Account and Graphical User Interface.

Introduction

This document gives you a step-by-step configuration setup guide for configuring the OUTSCAN/HIAB solution according to best practice. It takes into account the size of the organizations and provide information about why different options are taken over other in order to provide justification why the different paths where chosen.

Tickets

Best practice regarding tickets is to have them become automatically assigned from within the tool and thus saving manual workload. If you already have a ticket system that is used within your organization then integrating with that would be a good option since then you can track, compare, and manage tickets there and not forcing users to learn additional software for their job duties.

If the risk levels already are defined, then changing them within the OUTSCAN/HIAB solution is best practice instead of having a mapping or two competing risk levels that may cause confusions in critical situations later.

In order to change the levels (both name and priority), click on the settings button in the upper right corner next to the question mark ( ? help) on the Tickets page. Then the following dialog is displayed where you can define your risk levels.

If tickets are handled externally, then check the setting to automatically close tickets once the vulnerability referred to it is resolved. This prevents tickets from staying open after the issue has been resolved.

Ticket Automation

Regarding automatically assigning tickets to a user, this is done in the Event Notification system. There are several events that all start with the name Finding and those can be used to automatically assign a ticket to a pre-defined user. Below you see an example of new risk automatically being assigned to Jane Doe for targets where she is registered to receive high risks for.

The Tickets Interface

The Tickets module is used to manage different assignments with individual users that have access to the ticketing module. Access to the Tickets module can be managed under the Roles tab in the Manage Users module.
To access Tickets, open the Main Menu located in the lower left corner.

Tickets Grid Window

The Tickets grid includes different columns. To enable or disable a column click the arrow next to the name of any column. In the displayed drop-down menu there is a field called Columns which lists the available columns. Most of these columns allow filtering, this provides the option to display a subsection of all available data. To enable filtering, access the same drop-down menu as for columns and click Filters.

The available columns for the Tickets grids are:

Option	Description
Assignee	Whom the ticket has been assigned to.
Due Date	Due date of the ticket.
Finding	The name of finding for which this ticket was created for. This will be empty if the ticket concerns with multiple findings or origin is Custom type.
Host name	Name of the host affected. (Empty for custom type.)
Priority	Displays the priority of the ticket where P5 is the highest. P1 P2 P3 P4 P5
Report Date	The date of the report which the ticket was created from. (Empty for custom type.)
Script ID	Script ID of the finding which the ticket will trigger for. (Empty for custom type.)
Status	Status of the ticket. New Assigned Resolved Reopened Verified Rejected
Summary	Summary of the ticket.
Target	The target which the finding/report was reported/created for.
Task ID	ID of the ticket.
Ticket Origin	Where the ticket originated from: WAS PCI Report Custom
Type	The type of the ticket: Finding: when a ticket is related to a single finding. Report: when a ticket is related to the whole report of the target. Custom: if the ticket was manually created by the user.
Verified	Displays the status of the finding which this ticket is created for: Not verified No longer present Still present

Manage Tickets

Assigning new tickets is performed from either Reporting Tools, PCI Reports, or from Tickets.
To create and assign a new ticket from the Tickets grid window press New in the upper left corner. This displays the Maintaining Ticket window where you can edit the Summary, Priority, Status, Due Date, Assignee, and add comment for the ticket.

Right clicking a ticket in the Tickets grid provides different actions to choose between:

Option	Description
Add Comment	Add comment for the specific ticket
New	Create a new ticket
Delete	Delete the specific ticket
Edit	Edit the specific ticket

Marking multiple entries by holding CTRL and left click makes it possible to either use Delete to delete multiple tickets or Add Comment to add comments to multiple tickets. These two options are available in the top menu bar of the grid.
Exporting a report from the Tickets grid is done by clicking Export in the lower left corner of the window. The available formats are PDF and Excel. This report includes information about all tickets in the Tickets grid.

Note

Email is only sent if the ticket is assigned to someone other than the one creating/updating the ticket.

Tickets Settings

Clicking the Settings icon in the upper right corner of the window toolbar provides access to the tickets settings:

The priority list can be used to select fewer ticket levels than the original 5.
When a Label is defined on a priority level, it is displayed instead of the default P1-5 name in the drop-down throughout the system.
Default due days is a configuration option that automatically sets the due date based on the setting here and the selected priority upon creation of the original ticket.

Options	Description
Priority P1-P5	Able to mark it as active or not, set a value for default due days and rename it. Note P5 is checked as default and cannot be unchecked.
Automatically close verified tickets	It enables the system to close tickets when it has been verified.
Include vulnerability details in email	Include the details of the vulnerability found in the email for the ticket. This is the default setting for Include vulnerability details in email checkbox, where you create tickets for the finding. The check box Include vulnerability details in email in Create Ticket window in Reporting Tools, PCI, WAS will be loaded with the default value defined here.
Send Ticket Notifications	Enable this option to allow the system to send email notifications when a ticket is created, changes status, and is closed.
Send Ticket Overdue Notifications	Send a notification to the assignee once a ticket is overdue.
Remove all tickets	Removes all tickets that are visible in the Tickets grid.

_Copyright

_{© 2024 Outpost24® All rights reserved.}_{This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.}

_Trademark

_{Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.}