Integrating Acunetix 360 with Redmine
Redmine is an issue tracking system that is part of a larger, flexible project management web application. It is free and open source, cross-platform and cross-database. Redmine is written using the Ruby on Rails framework.
This topic explains how to configure Acunetix 360 to send a detected vulnerability to Redmine.
This table lists and explains the Redmine fields in the New Redmine Integration window.
This is the name of the configuration that will be shown elsewhere.
This section contains fields that must be completed.
This is the Redmine instance URL.
Api Access Key
This is the API Access Key for authentication.
This is the project identifier in which to create an issue.
This is the priority identifier.
This is the string format that is used to create the vulnerability title.
This section contains optional fields.
This is the tracker identifier.
This is the status identifier.
This is the category identifier.
This is the assignee identifier.
This is the number of days between the date the issue was created to the date it's due.
This indicates whether the issue is accessible only to the assignee.
This section contains user-defined custom fields.
New Custom Field
Click to create a new custom field.
Enter a name for the new custom field.
Enter a value for the new custom field.
Click the dropdown to change the input type. The options are:
Create Sample Issue
Once all relevant fields have been configured, click to create a sample issue.
How to Integrate Acunetix 360 with Redmine
- Log in to Acunetix 360.
- From the main menu, click Integrations then New Integration.
- From the Issue Tracking Systems section, click Redmine. The New Redmine Integration window is displayed.
- In the Name field, enter a name for the integration.
- In the Mandatory section, complete the connection details:
- Api Access Key
- Priority Id
- Title Format
- Open Redmine.
- From the main menu, click Projects, then select the relevant project from the list.
- Click Settings, then Information. The Information tab is displayed, showing the Identifier.
- Copy the Identifier value from Redmine and paste it into Project field in Acunetix 360.
- In Redmine, click Administration, then Enumerations. The Enumerations window is displayed.
- Click the priority name to find the Identifier value displayed in the URL in the browser bar. Then copy the value and paste into the Priority field in Acunetix 360.
- Copy the Priority value from Redmine and paste it into the Priority field Acunetix 360.
- In Redmine, click Administration. The Administration window is displayed.
- Copy the values from the Tracker ID and Status ID fields.
- In Acunetix 360, in the Optional section, paste the values into the Tracker ID and Status ID fields.
- In Redmine, click Settings, then Edit for a category. The Category identifier is displayed as the URL in the browser’s address bar. (The Category ID is the URL.)
- Copy the Category ID value.
- In Acunetix 360, in the Optional section, paste the value into the Category ID field.
- Complete the Assignee ID, Due Days and Is Private fields.
- If required, click New Custom Field. Two fields are displayed: Name and Value.
- In the Name field, enter a name for the value containing the custom field identifier.
- In the Value field, enter a value for the new custom field identifier.
- Click Create Sample Issue to confirm that Acunetix 360 can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.
- In the confirmation message, click the Issue number link to open the issue in your default browser.
- If the Redmine integration is not configured correctly, Acunetix 360 will correctly route the following descriptive error messages to you. Sample error messages may be displayed as illustrated:
- If the URL or API Access Key was entered incorrectly
- If the Priority was entered incorrectly
- Click Save to save the integration.
How to Export Reported Vulnerabilities to Projects in Redmine
There are several ways to send issues to Redmine with Acunetix 360:
- Once notifications have been configured, you can configure Acunetix 360 to automatically send vulnerabilities after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
- You can send one or more issues from the Issues window:
- You must have Manage Issue permission.
- From the main menu, select Issues, then All Issues. The Issues window is displayed.
- Select one or more issues you want to send.
- Click Send To, then Redmine.
- A popup is displayed, with a link to the issue you have sent to Redmine. If there is an error, this information will be displayed instead.
- You can send an issue from the Recent Scans window:
- From the main menu, click Scans then Recent Scans.
- Next to the relevant scan, click Report. The report is displayed.
- Scroll down to the Technical Report section.
- From the list of detected vulnerabilities, click to select an issue and display its details.
- Click Send To, then Redmine.
- If you have previously submitted this vulnerability to Redmine, it will already be accessible. You cannot submit the same issue twice.
- If you view opened problem logs in Redmine, they look like this.