Configure the scheduled job for updating NVD records

Identify the repositories that you want updated regularly, and then execute a scheduled job to update NVD records on a nightly or weekly basis. You can also update the script or write your own scripts, as needed.

Before you begin

If the NVD data feed you want to use for the scheduled job is not present, you can add it.

Roles required:
  • If you have the admin role, you can add repositories to the scheduled job.
  • If you have sn_vul.vulnerability_read, you can execute the scheduled job.
  • If you have sn_vul.vulnerability_write, you can edit the details of the scheduled job.

Procedure

  1. Navigate to Vulnerability > Administration > NVD Auto-Update.
  2. For each NVD repository that you want to update automatically, change the Automatically update field to true.
  3. Navigate to Vulnerability > Administration > Integrations.
  4. Select the NIST National Vulnerability Database scheduled job.
  5. Modify the fields as needed.
    Table 1. Vulnerability Integration form
    Field Description
    Name The name of the scheduled job.
    Active Whether the scheduled job is active. If you have previously set up this job and then decided to use a different integrations, you can uncheck this box to deactivate the job.
    Run The frequency you want the job to run. Subsequent fields are displayed or hidden based on your setting in this field.
    Day The day you want the scheduled job to run.

    If you selected Weekly in the Run field, this field displays the days of the week. If you selected Monthly in the Run field, this field displays the days of the month.

    Time The time you want the scheduled job to start.
    Integration script The script for pulling data from the data sources in the Data Sources related list.
    Application [Read only] The name of the application for which you are running the scheduled job.
    Repeat Interval The number of days and hours before the scheduled job runs again. This field appears when Periodically is selected from the Run list.
    Starting The date and time to start the periodic updates. This field appears when Periodically is selected from the Run list.
    Conditional The check box to add conditional parameters.
    Condition The conditions to run the scheduled job. This field appears when the Conditional check box is selected.
    Report processor strategy The strategy for pulling data and processing the scheduled job.
    • If you have identified data sources and added them to the Data Sources related list, you can select Data Source Attachment to pull data from the data sources using the script in the Integration script field.
    • To select a custom processor in the Report Processor field, select Custom Report Processor.
    Report processor The script to execute when the scheduled job runs. This field appears when Custom Report Processor is selected in the Report processor strategy list.
    Processor factory script The script to build the report processor. This field appears when Custom Report Processor is selected in the Report processor strategy list.
  6. To save your changes, click Update.
  7. To run the scheduled job immediately, click Execute Now.
    Note: When the scheduled job runs and new records are downloaded to the NVD, an email notification is sent to the members of the vulnerability response group.