Vulnerability integration script

On the Vulnerability Integration form, the integration script is a reference to a script include that extends the VulnerabilityIntegrationBase script include.

The functionality contained in this script is called by the VulnerabilityIntegrationController to manage the means by which data is retrieved from an external data source. Each subclass of VulnerabilityIntegrationBase has access to contextual information about the calling process. That information is available through the following member variables:
  • integrationGr - a GlideRecord of the vulnerability integration record that requested the integration to run.
  • integrationProcessGr - a GlideRecord that provides contextual information for the current process of an integration.

The vulnerability process contains special parameters to be used within an integration, generally for pagination purposes. Each run of a vulnerability integration (called a Vulnerability Integration Run) has at least one associated vulnerability integration process. For multi-call integrations, there are one or more vulnerability integration process records for each Vulnerability Integration Run.

The script include must provide an implementation for the retrieveData() method and return an object that is processed by the report processor script. The object returned by retrieveData is a simple object with properties for content, contentType, and extension.

Here is a screen shot of VulnerabilityIntegrationBase.retrieveData():
Figure 1. VulnerabilityIntegrationBase.retrieveData()
Vulnerability integration script

The logic in the retrieveData() depends on the interface required for retrieving the data. For example, if the source of the data being pulled has a REST API, the body of this method could be calling the REST endpoint, likely via RESTMessageV2. The response of the call can then be parsed or put into an attachment, and the details could be used to construct the return object.