Ticketing
To enable the Bitdefender GravityZone ticketing capabilities, follow these steps:
In ConnectWise Asio, go to Under Integrations > My Integrations,
Select Bitdefender Cloud Security for MSP and click Update.
Under Connection Setup, select the Enable Ticketing checkbox.
Notice
Partners who are not yet using the ConnectWise Asio ticketing service must migrate their instance to single sign-on (SSO) to access this feature. For details, refer to the ConnectWise Asio Service Tickets documentation (login may be required).
If you already use the Bitdefender - ConnectWise Asio integration, to enable the new Ticketing feature, you must:
Confirm your API key.
If the current API key is unavailable, generate a new one and select the required APIs. For details, refer to Configuring the integration.
Confirm the new ConnectWise Asio integration scopes.
Caution
Due to a known ConnectWise Asio issue, follow this workaround for regenerating integration scopes:
Add your API key and click Test Connection.
Delete the API key you just added. The Regenerate button will now be available.
Click Regenerate. The Mapping screen appears.
Continue and save the changes.
The GravityZone integration creates ConnectWise Asio service tickets based on the type of alert.
Endpoint Detection and Response (EDR) - Bitdefender detects a phishing event based on a new Root Cause Analysis (RCA) displayed in the Incidents section in GravityZone.
Tickets are created with the following priorities:
Score 0-39: Low
Score 40-75: Medium
Score 76-100: Emergency
Antimalware - Bitdefender generates this event when detecting malware on endpoints. Ticket priority: Medium.
Advanced Threat Control - Bitdefender detects and blocks potentially dangerous applications. Ticket priority: Medium.
Advanced Anti-Exploit - Bitdefender detects zero-day and advanced persistent threat activities in real time. Ticket priority: Medium.
Hyper Detect - Bitdefender detects advanced attacks and suspicious activities in the pre-execution stage. Ticket priority: Medium.
Ransomware Detection - Bitdefender generates this event when blocking a ransomware attack. Ticket priority: Emergency.
Firewall - Bitdefender blocks a port scan or application from accesing the network, according to the applied policy. Ticket priority: Low.
Antiphishing - Bitdefender detects a phishing attempt when accessing a web page. Ticket priority: Medium.
Network Attack Defense - Bitdefender detects network attacks designed to gain access on the endpoints. Ticket priority: Emergency.
Web Traffic Scan - Bitdefender blocks user activity such as web browsing, according to the applied policy. Ticket priority: Low.
Sandbox Analyzer - Bitdefender detects a new threat among the submitted files to Sandbox Analyzer. Ticket priority: Medium.
Ticket aggregation
If there is already an open ConnectWise Asio ticket for the same device (matching the computerId of a previous Bitdefender alert):
A note is added to the existing ticket (status unchanged).
Conditions:
The affected
computerIdand the Bitdefender alert type are the same.The ticket was created less than 24 hours ago.
The ticket status is New, Open, In Progress, Scheduled, Waiting Response, Assigned, or Approval.
A new ticket is created with status New.
Conditions:
The affected
computerIdand the Bitdefender alert type are the same.The ticket was created less than 24 hours ago.
The ticket status is Resolved or Closed.
A new ticket is created with status New.
Condition:
The affected
computerIdand the Bitdefender alert type are the same.The ticket was created more than 24 hours ago (regardless of its status).
If the alert type is different, a new ticket is always created with status New, even if another ticket exists for the same device.