OpenText Core Endpoint Protection: Create Ticket from File Detection Crate
What does the OpenText Core Endpoint Protection: Create Ticket from File Detection Crate do?
This Crate contains a workflow that automatically creates a PSA ticket when OpenText detects a malicious file, then runs every 5 minutes until the threat is resolved. The ticket auto-closes if no threats remain after a scheduled scan. If unresolved after 12 hours, the ticket stays open, and the workflow ends.
Ticket information includes:
Event type and name
Site details: ID, name, public IP, type
File details: Name, path, size, MD5, SHA256, malware group, determination
Crate prerequisites
The Webroot integration must be successfully set up in Rewst before unpacking this Crate.
Unpack the OpenText Core Endpoint Protection: Create Ticket from File Detection Crate
Navigate to Crates > Crate Marketplace in the left side menu of the Rewst platform.
Search for
OpenText Core Endpoint Protection: Create Ticket from File Detection.Click on the Crate tile to begin unpacking.
Click Unpack Crate.
Click Continue.
Enable both triggers by toggling the File Detection and Form Setup trigger Enabled toggles on.
Click Unpack.
You'll now need to run the Crate form once at your top parent level organization to establish organization variables for your PSA and finish Crate set up. Navigate to Automations > Forms.
Search for
[OpenText] Set File Detection Org Vars.
Click ⋮> Usages > View Direct URLs.
Copy the URL and open it in a new browser window or tab.
Choose a Board ID from the drop-down selector.
Set relevant status choices in the Ticket Creation Status, Ticket Update Status, and Ticket Close Status selectors.
Optionally, set a Ticket Type if required. To exclude specific sites from this workflow, specify them in the Exclude Sites drop-down selector.
Click Submit.
Navigate to Configuration > Organization Variables to see the list of organization variables generated from your form submission.
Last updated
Was this helpful?