Configuring VCA

To begin using Vulnerability-based Change Automation App (VCA) to create integrations between the SecureChange Access Request workflows and the third-party vulnerability management tools, perform the following initial configuration tasks:

You can perform all configuration from the Settings () menu.

After making any change in this menu, click Save.

Connect to SecureChange

Allows VCA to get the Access Request workflow information from SecureChange and add the risk analysis scripts to the workflow.

In the SecureChange section, enter the following information:

  • Host: your SecureChange IP address
  • Login username
  • Login password

The username and password need to be for a SecureChange user with the permission: Create and handle tickets on behalf of another user (via API only).

If this is a new user, log in to SecureChange with that user to validate it.

Set up Email Notifications

Vulnerability-based Change Automation App sends out email notifications when the sync with the third-party vulnerability management tool fails to complete successfully. To receive the email notifications, in the Email notification section:

  1. Enter the following information for the outgoing e-mails:
    • Outgoing SMTP server
    • Port
    • Sender email address
    • Login user name
    • Login password
  2. If you want the e-mail notifications to be secured, select Enable TLS.

Define Log Levels

Enable debugging and determine which information is collected in the log files.

In the Log Level section, select the appropriate log level.

Log Level

Description

ERROR

Messages with error and critical levels are logged.

WARNING

Messages with error, critical, and warning levels are logged.

INFO

Messages with error, critical, warning, and info levels are logged.

DEBUG

All message levels.

If you change the log level, the change takes effect immediately and the web server restarts.

To view the log, run the command kubectl logs -f -l app=vca.