Cisco Vulnerability Management provides several informational fields by default, such as Risk Score, CVSS2.0 score, and CVE number. If there are additional values that you’d like to record on the vulnerability level, you can create a custom field. Custom fields allow you to apply additional metadata to vulnerabilities.
Data Types for Custom Fields
The following data types are supported for custom fields.
-
Date
Supports a calendar date. A calendar date-picker displays when you edit the field. You can also input a date in MM/DD/YYYY format. Use it to mark a date to review the vulnerability status (False Positive review/re-validation). -
Numeric
Supports a number. It can include decimals and is limited to a maximum of six digits. -
Short String
Supports up to 50 characters of text. Use it for additional notes, marking the owner of a vulnerability, or any other text-based data. -
Long String
Supports up to 500 characters of text. Use it to set a description of a vulnerability. -
Dropdown Menu
A list of static choices that appear when a user clicks on the title. Use it to list the level of priority for the vulnerability internally. For example, Low, Medium, High. -
Attachment Field
An attachment of up to 2MB. Supported attachment file types include .pdf, .jpeg, .jpg, .png, and .xlsx.
Creating a Custom Field
You can create up to 200 custom fields.
-
From the gear icon in the upper right side of the window, in the drop-down menu, click Custom Fields.
- Click Create Custom Field.
- Enter values for the fields and click the Cisco Vulnerability Management radio button. If you want to filter on this field on the Vulnerability Management Explore page, click the Faceted Search checkbox.
Note: Each unique entry in a custom field creates a new check box on the Vulnerability Management Explore page. For example, if you have four unique dates, numbers, or text strings, four check boxes are created. - Click Save. The new custom field appears in the list of available custom fields.
Adding Data to a Custom Field
After you define custom fields, they are available for all vulnerabilities.
Adding data to the custom fields for one or more vulnerabilities
-
-
-
On the Vulnerabilities tab of the Vulnerability Management Explore page, select the check boxes for one or more vulnerabilities, and click Edit.
-
Select the check boxes for the custom fields that you want to change. You can also select the check boxes for the additional fields Due date, Notes, and Score.
- Click Continue.
-
A window opens and displays all the custom fields that you selected. For each field, enter the value to be associated with it.
Note 1: Clearing the field or leaving it empty clears its value, with the exception of Score. The Score field can't be empty. It must be set to a value between 0 and 100.
Note 2: You can enter up to 50,000 characters in the Notes field. - Click Update Fields.
-
-
Add data to the custom fields for one vulnerability
This procedure is an alternate way to edit custom fields for one vulnerability.
-
-
-
On the Vulnerabilities tab of the Vulnerability Management Explore page, click the blue arrow on the right side of a vulnerability.
-
The vulnerability detail page opens. On the panel on the right, for each field that you want to change, click Edit for the field, and enter a value.
- Click Save.
-
-
Comments
Please sign in to leave a comment.