nexpose_ticketing 0.8.3 → 1.0.0

data/lib/nexpose_ticketing/helpers/remedy_helper.rb

@@ -5,6 +5,8 @@ require 'uri'
 require 'csv'
 require 'savon'
 require 'nexpose_ticketing/nx_logger'
+require 'nexpose_ticketing/version'
+require 'nexpose_ticketing/common_helper'
 
 # Serves as the Remedy interface for creating/updating issues from 
 # vulnelrabilities found in Nexpose.
@@ -13,42 +15,90 @@ class RemedyHelper
   def initialize(remedy_data, options)
     @remedy_data = remedy_data
     @options = options
-    @log = NexposeTicketing::NXLogger.new
+    @log = NexposeTicketing::NxLogger.instance
+    @common_helper = NexposeTicketing::CommonHelper.new(@options)
+  end
+
+  # Generates a savon-based ticket object.
+  #
+  # * *Args*    :
+  #   - +extra_fields+ -  List of mode-specific fields (hash) to be added to the ticket.
+  #
+  def generate_new_ticket(extra_fields=nil)
+    base_ticket = {
+      'First_Name' => "#{@remedy_data[:first_name]}",
+        'Impact' => '1-Extensive/Widespread',
+        'Last_Name' => "#{@remedy_data[:last_name]}",
+        'Reported_Source' => 'Other',
+        'Service_Type' => 'Infrastructure Event',
+        'Status' => 'New',
+        'Action' => 'CREATE',
+        "Summary"=>"",
+        "Notes"=>"",
+        'Urgency' => '1-Critical',
+    }
+    extra_fields.each { |k, v| base_ticket[k.to_s] = v } if extra_fields
+    base_ticket
+  end
+
+  # Sends a list of tickets (in SOAP format) to Remedy individually (each ticket in the list 
+  # as a separate web service call).
+  #
+  # * *Args*    :
+  #   - +wdsl+ -  XML file which describes the network service.
+  #   - +endpoint+ -  Endpoint to which the data will be submitted.
+  #
+  def get_client(wdsl, endpoint)
+    Savon.client(wsdl:  File.join(File.dirname(__FILE__), "../config/remedy_wsdl/#{wdsl}"),
+                 adapter: :net_http,
+                 ssl_verify_mode: :none,
+                 open_timeout: @remedy_data[:open_timeout],
+                 read_timeout: @remedy_data[:read_timeout],
+                 endpoint: @remedy_data[endpoint.intern],
+                 soap_header: { 'AuthenticationInfo' => 
+                                  { 'userName' => "#{@remedy_data[:username]}",
+                                    'password' => "#{@remedy_data[:password]}",
+                                    'authentication' => "#{@remedy_data[:authentication]}"
+                                   }
+                              })
   end
   
   # Sends a list of tickets (in SOAP format) to Remedy individually (each ticket in the list 
   # as a separate web service call).
   #
   # * *Args*    :
+  #   - +service+ -  The helpdesk service to which the tickets should be submitted.
   #   - +tickets+ -  List of savon-formatted (hash) ticket creates (new tickets).
   #
-  def create_tickets(tickets)
-    fail 'Ticket(s) cannot be empty' if tickets.nil? || tickets.empty?
-    client = Savon.client(wsdl:  File.join(File.dirname(__FILE__), '../config/remedy_wsdl/HPD_IncidentInterface_Create_WS.xml'),
-                           ssl_verify_mode: :none,
-                           open_timeout: @remedy_data[:open_timeout],
-                           read_timeout: @remedy_data[:read_timeout],
-                           endpoint: @remedy_data[:create_soap_endpoint],
-                           soap_header: { 'AuthenticationInfo' => 
-                                          { 'userName' => "#{@remedy_data[:username]}",
-                                            'password' => "#{@remedy_data[:password]}",
-                                            'authentication' => "#{@remedy_data[:authentication]}"
-                                          }
-                                        })
+  def send_tickets(client, service, tickets)
+    service_name = service.to_s.match(/desk_([a-z]*)_/)
+    service_name = service_name.captures.first unless service_name.nil?
     tickets.each do |ticket|
       begin
         @log.log_message(ticket)
-        response = client.call(:help_desk_submit_service, message: ticket)
+        response = client.call(service, message: ticket)
       rescue Savon::SOAPFault => e
-        @log.log_message("SOAP exception in create ticket: #{e.message}")
+        @log.log_message("SOAP exception in #{service_name} ticket: #{e.message}")
         raise
       rescue Savon::HTTPError => e
-        @log.log_message("HTTP error in create ticket: #{e.message}")
+        @log.log_message("HTTP error in #{service_name} ticket: #{e.message}")
         raise
       end
     end
   end
-  
+    
+  # Sends a list of tickets (in SOAP format) to Remedy individually (each ticket in the list 
+  # as a separate web service call).
+  #
+  # * *Args*    :
+  #   - +tickets+ -  List of savon-formatted (hash) ticket creates (new tickets).
+  #
+  def create_tickets(tickets)
+    fail 'Ticket(s) cannot be empty' if tickets.nil? || tickets.empty?
+    client = get_client('HPD_IncidentInterface_Create_WS.xml', :create_soap_endpoint)
+    send_tickets(client, :help_desk_submit_service, tickets)
+  end
+
   # Sends ticket updates (in SOAP format) to Remedy individually (each ticket in the list 
   # as a separate web service call).
   #
@@ -58,30 +108,10 @@ class RemedyHelper
   def update_tickets(tickets)
     if tickets.nil? || tickets.empty?
       @log.log_message("No tickets to update.")
-    else
-      client = Savon.client(wsdl:  File.join(File.dirname(__FILE__), '../config/remedy_wsdl/HPD_IncidentInterface_WS.xml'),
-                             ssl_verify_mode: :none,
-                             open_timeout: @remedy_data[:open_timeout],
-                             read_timeout: @remedy_data[:read_timeout],
-                             endpoint: @remedy_data[:query_modify_soap_endpoint],
-                             soap_header: { 'AuthenticationInfo' => 
-                                            { 'userName' => "#{@remedy_data[:username]}",
-                                              'password' => "#{@remedy_data[:password]}",
-                                              'authentication' => "#{@remedy_data[:authentication]}"
-                                            }
-                                          })
-      tickets.each do |ticket|
-        begin
-          response = client.call(:help_desk_modify_service, message: ticket)
-        rescue Savon::SOAPFault => e
-          @log.log_message("SOAP exception in create ticket: #{e.message}")
-          raise
-        rescue Savon::HTTPError => e
-          @log.log_message("HTTP error in create ticket: #{e.message}")
-          raise
-        end
-      end
+      return
     end
+    client = get_client('HPD_IncidentInterface_WS.xml', :query_modify_soap_endpoint)
+    send_tickets(client, :help_desk_modify_service, tickets)
   end
   
   # Sends ticket closure (in SOAP format) to Remedy individually (each ticket in the list 
@@ -93,30 +123,10 @@ class RemedyHelper
   def close_tickets(tickets)
     if tickets.nil? || tickets.empty?
       @log.log_message("No tickets to close.")
-    else
-      client = Savon.client(wsdl:  File.join(File.dirname(__FILE__), '../config/remedy_wsdl/HPD_IncidentInterface_WS.xml'),
-                             ssl_verify_mode: :none,
-                             open_timeout: @remedy_data[:open_timeout],
-                             read_timeout: @remedy_data[:read_timeout],
-                             endpoint: @remedy_data[:query_modify_soap_endpoint],
-                             soap_header: { 'AuthenticationInfo' => 
-                                            { 'userName' => "#{@remedy_data[:username]}",
-                                              'password' => "#{@remedy_data[:password]}",
-                                              'authentication' => "#{@remedy_data[:authentication]}"
-                                            }
-                                          })
-      tickets.each do |ticket|
-        begin
-          response = client.call(:help_desk_modify_service, message: ticket)
-        rescue Savon::SOAPFault => e
-          @log.log_message("SOAP exception in create ticket: #{e.message}")
-          raise
-        rescue Savon::HTTPError => e
-          @log.log_message("HTTP error in create ticket: #{e.message}")
-          raise
-        end
-      end
+      return
     end
+    client = get_client('HPD_IncidentInterface_WS.xml', :query_modify_soap_endpoint)
+    send_tickets(client, :help_desk_modify_service, tickets)
   end  
   
   # Sends a query (in SOAP format) to Remedy to return back a single ticket based on the criteria.
@@ -128,19 +138,10 @@ class RemedyHelper
   #   - Remedy incident information in hash format or nil if no results are found.
   #
   def query_for_ticket(unique_id)
-    client = Savon.client(wsdl: File.join(File.dirname(__FILE__), '../config/remedy_wsdl/HPD_IncidentInterface_WS.xml'),
-                               ssl_verify_mode: :none,
-                               open_timeout: @remedy_data[:open_timeout],
-                               read_timeout: @remedy_data[:read_timeout],
-                               endpoint: @remedy_data[:query_modify_soap_endpoint],
-                               soap_header: { 'AuthenticationInfo' => 
-                                              { 'userName' => "#{@remedy_data[:username]}",
-                                                'password' => "#{@remedy_data[:password]}",
-                                                'authentication' => "#{@remedy_data[:authentication]}"
-                                              }
-                                            })
+    client = get_client('HPD_IncidentInterface_WS.xml', :query_modify_soap_endpoint)
+
     begin
-      response = client.call(:help_desk_query_list_service, message: {'Qualification' => "'Detailed Decription' LIKE \"%#{unique_id}%\""})
+      response = client.call(:help_desk_query_list_service, message: {'Qualification' => "'Status' < \"Closed\" AND 'Detailed Decription' LIKE \"%#{unique_id}%\""})
     rescue Savon::SOAPFault => e
       @log.log_message("SOAP exception in query ticket: #{e.message}")
       return if e.to_hash[:fault][:faultstring].index("ERROR (302)") == 0
@@ -163,20 +164,19 @@ class RemedyHelper
   #   - List of savon-formated (hash) tickets for creating within Remedy.
   #
   def prepare_create_tickets(vulnerability_list, nexpose_identifier_id)
-    @ticket = Hash.new(-1)
+    @log.log_message('Preparing ticket requests...')
     case @options[:ticket_mode]
-    # 'D' Default mode: IP *-* Vulnerability
-    when 'D'
-      prepare_create_tickets_default(vulnerability_list, nexpose_identifier_id)
-    # 'I' IP address mode: IP address -* Vulnerability
-    when 'I'
-      prepare_create_tickets_by_ip(vulnerability_list, nexpose_identifier_id)
-    # 'V' Vulnerability mode: Vulnerability -* IP address
-    when 'V'
-      prepare_create_tickets_by_vulnerability(vulnerability_list, nexpose_identifier_id)
+    # 'D' Default IP *-* Vulnerability
+    when 'D' then matching_fields = ['ip_address', 'vulnerability_id']
+    # 'I' IP address -* Vulnerability
+    when 'I' then matching_fields = ['ip_address']
+    # 'V' Vulnerability -* Assets
+    when 'V' then matching_fields = ['vulnerability_id']
     else
-      fail 'No ticketing mode selected.'
+        fail 'Unsupported ticketing mode selected.'
     end
+
+    prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)
   end
 
   # Prepare to update tickets from the CSV of vulnerabilities exported from Nexpose. This method determines
@@ -189,113 +189,22 @@ class RemedyHelper
   #   - List of savon-formated (hash) tickets for creating within Remedy.
   #
   def prepare_update_tickets(vulnerability_list, nexpose_identifier_id)
-    @ticket = Hash.new(-1)
     case @options[:ticket_mode]
-      # 'I' IP address mode: IP address -* Vulnerability
-      when 'I'
-        prepare_update_tickets_by_ip(vulnerability_list, nexpose_identifier_id)
-      # 'V' Vulnerability mode: Vulnerability -* IP address
-      when 'V'
-        prepare_update_tickets_by_vulnerability(vulnerability_list, nexpose_identifier_id)
-      else
-        fail 'No ticketing mode selected.'
-    end
-  end
-  
-  # Prepares a list of vulnerabilities into a list of savon-formatted tickets (incidents) for 
-  # Remedy. The preparation by default means that each vulnerability within Nexpose is a 
-  # separate incident within Remedy.  This makes for smaller, more actionalble incidents but 
-  # could lead to a very large total number of incidents.
-  #
-  # * *Args*    :
-  #   - +vulnerability_list+ -  CSV of vulnerabilities within Nexpose.
-  #
-  # * *Returns* :
-  #   - List of savon-formated (hash) tickets for creating within Remedy.
-  #
-  def prepare_create_tickets_default(vulnerability_list, nexpose_identifier_id)
-    @log.log_message("Preparing tickets by default method.")
-    tickets = []
-    CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
-      # NXID in the notes is a unique identifier used to query incidents to update/resolve 
-      # incidents as they are resolved in Nexpose.
-      ticket = {
-        'First_Name' => "#{@remedy_data[:first_name]}",
-        'Impact' => '1-Extensive/Widespread',
-        'Last_Name' => "#{@remedy_data[:last_name]}",
-        'Reported_Source' => 'Other',
-        'Service_Type' => 'Infrastructure Event',
-        'Status' => 'New',
-        'Action' => 'CREATE',
-        'Summary' => "#{row['ip_address']} => #{row['summary']}",
-        'Notes' => "Summary: #{row['summary']} \n\nFix: #{row['fix']} \n\nURL: #{row['url']}
-                    \n\nNXID: #{nexpose_identifier_id}#{row['asset_id']}#{row['vulnerability_id']}#{row['solution_id']}",
-        'Urgency' => '1-Critical'
-      }
-      tickets.push(ticket)
+    # 'D' Default IP *-* Vulnerability
+    when 'D' then fail 'Ticket updates are not supported in Default mode.'
+    # 'I' IP address -* Vulnerability
+    when 'I' then matching_fields = ['ip_address']
+    # 'V' Vulnerability -* Assets
+    when 'V' then matching_fields = ['vulnerability_id']
+    else
+        fail 'Unsupported ticketing mode selected.'
     end
-    tickets
+
+    prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)
   end
   
   # Prepares a list of vulnerabilities into a list of savon-formatted tickets (incidents) for 
-  # Remedy. The preparation by IP means that all vulnerabilities within Nexpose for one IP 
-  # address are consolidated into a single Remedy incident. This reduces the number of incidents
-  # within ServiceNow but greatly increases the size of the work notes.
-  #
-  # * *Args*    :
-  #   - +vulnerability_list+ -  CSV of vulnerabilities within Nexpose.
-  #
-  # * *Returns* :
-  #   - List of savon-formated (hash) tickets for creating within Remedy.
-  #
-  def prepare_create_tickets_by_ip(vulnerability_list, nexpose_identifier_id)
-    @log.log_message('Preparing tickets by IP address.')
-    tickets = []
-    current_ip = -1
-    CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
-      if current_ip == -1 
-        current_ip = row['ip_address']
-        @log.log_message("Creating ticket with IP address: #{row['ip_address']}, Asset ID:  #{row['asset_id']} and Nexpose Identifier ID: #{nexpose_identifier_id}")
-        @ticket = {
-          'First_Name' => "#{@remedy_data[:first_name]}",
-          'Impact' => '1-Extensive/Widespread',
-          'Last_Name' => "#{@remedy_data[:last_name]}",
-          'Reported_Source' => 'Other',
-          'Service_Type' => 'Infrastructure Event',
-          'Status' => 'New',
-          'Action' => 'CREATE',
-          'Summary' => "#{row['ip_address']} => Vulnerabilities",
-          'Notes' => "++ New Vulnerabilities +++++++++++++++++++++++++++++++++++++\n",
-          'Urgency' => '1-Critical'
-        }
-      end
-      if current_ip == row['ip_address']
-        @ticket['Notes'] += 
-          "\n\n========================================== \nSummary: #{row['summary']} \nFix: #{row['fix']}"
-        unless row['url'].nil?
-          @ticket['Notes'] += 
-            "\nURL: #{row['url']}"
-        end
-      end
-      unless current_ip == row['ip_address']
-        # NXID in the work_notes is the unique identifier used to query incidents to update them.
-        @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_ip}"
-        tickets.push(@ticket)
-        current_ip = -1
-        redo
-      end
-    end
-    # NXID in the work_notes is the unique identifier used to query incidents to update them.
-    @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_ip}"
-    tickets.push(@ticket) unless @ticket.nil?
-    tickets
-  end
-
-
-  # Prepares a list of vulnerabilities into a list of savon-formatted tickets (incidents) for
-  # Remedy. The preparation by vulnerability means that all IP addresses within Nexpose for one vulnerability
-  # are consolidated into a single Remedy incident. This reduces the number of incidents
-  # within ServiceNow but greatly increases the size of the work notes.
+  # Remedy.
   #
   # * *Args*    :
   #   - +vulnerability_list+ -  CSV of vulnerabilities within Nexpose.
@@ -303,266 +212,131 @@ class RemedyHelper
   # * *Returns* :
   #   - List of savon-formated (hash) tickets for creating within Remedy.
   #
-  def prepare_create_tickets_by_vulnerability(vulnerability_list, nexpose_identifier_id)
-    @log.log_message("Preparing tickets by vulnerability.")
-    tickets = []
-    current_vuln_id = -1
-    current_solution_id = -1
-    current_asset_id = -1
-    full_summary = nil
-    vulnerability_list_header = vulnerability_list[0]
-    CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
-    #New vulnerability ID (the query sorting criteria).
-    if current_vuln_id == -1
-      current_vuln_id = row['vulnerability_id']
-      current_solution_id = row['solution_id']
-      current_asset_id =  row['asset_id']
-      @log.log_message("Creating ticket with vulnerability id: #{row['vulnerability_id']}, Asset ID:  #{row['asset_id']} and Nexpose Identifier ID: #{nexpose_identifier_id}")
-      summary = "Vulnerability: #{row['title']}"
-
-      #Remedy has a summary field max size of 100 so truncate any summaries that are larger than that and place the full summary in the notes.
-      if summary.length > 100
-        full_summary = summary += "\n\n\n"
-        summary = summary[0..96]
-        summary += '...'
-      else
-        full_summary = nil
-      end
-
-      @ticket = {
-          'First_Name' => "#{@remedy_data[:first_name]}",
-          'Impact' => '1-Extensive/Widespread',
-          'Last_Name' => "#{@remedy_data[:last_name]}",
-          'Reported_Source' => 'Other',
-          'Service_Type' => 'Infrastructure Event',
-          'Status' => 'New',
-          'Action' => 'CREATE',
-          'Summary' => summary,
-          'Full_Summary' => summary,
-          'Assets' => "++ Assets affected +++++++++++++++++++++++\n",
-          'Solutions' =>  "++ Details ++++++++++++++++++++++++++\n",
-          'Notes' => "++ Additional information ++++++++++++++++\n",
-          'Urgency' => '1-Critical'
-      }
-      @ticket['Solutions'] +=
-          "\n\n========================================== \nSummary: #{row['summary']} \nFix: #{row['fix']}"
-      @ticket['Assets'] +=
-          "#{row['ip_address']}"
-    end
-    if current_vuln_id == row['vulnerability_id']
-      #Add solutions for the now affected assets.
-      if current_solution_id != row['solution_id']
-        new_solution_text =  "\n========================================== \nSummary: #{row['summary']} \nFix: #{row['fix']}\n"
-        if  @ticket['Solutions'].include? new_solution_text
-          @log.log_message('Ignoring duplicate solution in ticket creation.')
-        else
-          @ticket['Solutions'] += new_solution_text
-          #Add any references.
-          unless row['url'].nil?
-            @ticket['Solutions'] += "\nURL: #{row['url']}"
-          end
-        end
-        current_solution_id = row['solution_id']
-      end
-
-      #Added the new asset to the list of affected systems if it is different (could have been the same asset with a different solution ID).
-      if current_asset_id != row['asset_id']
-        @ticket['Assets'] += ", #{row['ip_address']}"
-        current_asset_id = row['asset_id']
-      end
-    end
-    unless current_vuln_id == row['vulnerability_id']
-      # NXID in the work_notes is the unique identifier used to query incidents to update them.
-      @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_asset_id}#{current_vuln_id}"
-      current_vuln_id = -1
-      current_solution_id = -1
-      current_asset_id = -1
-      @ticket = format_notes_by_vulnerability(@ticket, full_summary)
-      tickets.push(@ticket)
-      redo
-    end
-  end
-  # NXID in the work_notes is the unique identifier used to query incidents to update them.
-  @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_asset_id}#{current_vuln_id}"
-  @ticket = format_notes_by_vulnerability(@ticket, full_summary)
-  tickets.push(@ticket) unless @ticket.nil?
-  tickets
-  end
-
-  def format_notes_by_vulnerability(ticket, prepend)
-    nxid_holder = ticket['Notes']
-    ticket['Notes'] = ''
-    ticket['Notes'] += prepend unless prepend.nil?
-    ticket['Notes'] += ticket['Assets'] += "\n\n"
-    ticket['Notes'] += ticket['Solutions'] += "\n\n"
-    ticket['Notes'] += nxid_holder
-    ticket.delete("Assets")
-    ticket.delete("Solutions")
-    ticket.delete("Full_Summary")
-    ticket
-  end
-
-
-  # Prepare ticket updates from the CSV of vulnerabilities exported from Nexpose. This method 
-  # currently only supports updating IP-address mode tickets in Remedy. The list of vulnerabilities 
-  # are ordered by IP address and then by ticket_status, allowing the method to loop through and  
-  # display new, old, and same vulnerabilities in that order.
-  #
-  #   - +vulnerability_list+ -  CSV of vulnerabilities within Nexpose.
-  #
-  # * *Returns* :
-  #   - List of savon-formated (hash) tickets for updating within Remedy.
-  #
-  def prepare_update_tickets_by_ip(vulnerability_list, nexpose_identifier_id)
-    fail 'Ticket updates are only supported in IP-address mode.' if @options[:ticket_mode] != 'I'
+  def prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)
     @ticket = Hash.new(-1)
     
-    @log.log_message('Preparing ticket updates by IP address.')
+    @log.log_message("Preparing tickets for #{@options[:ticket_mode]} mode.")
     tickets = []
-    current_ip = -1
-    ticket_status = 'New'
+    previous_row = nil
+    description = nil
     CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
-      if current_ip == -1 
-        current_ip = row['ip_address']
-        ticket_status = row['comparison']
+      if previous_row.nil?
+        previous_row = row.dup        
+        description = @common_helper.get_description(nexpose_identifier_id, row)
+        @ticket = generate_new_ticket({'Summary' => "#{@common_helper.get_title(row, 100)}",
+                                        'Notes' => ""})
+        #Skip querying for ticket if it's the initial scan
+        next if row['comparison'].nil?
         
         # Query Remedy for the incident by unique id (generated NXID)
-        queried_incident = query_for_ticket("NXID: #{nexpose_identifier_id}#{row['ip_address']}")
-        if queried_incident.nil? || queried_incident.empty?
-          @log.log_message("No incident found for NXID: #{nexpose_identifier_id}#{row['asset_id']}#{row['vulnerability_id']}#{row['solution_id']}")
-        else
-          @log.log_message("Creating ticket update with IP address: #{row['ip_address']} for Nexpose Identifier with ID: #{nexpose_identifier_id}")
-          @log.log_message("Ticket status #{ticket_status}")
-          # Remedy incident updates require populating all fields.
-          @ticket = extract_queried_incident(queried_incident, "++ #{row['comparison']} Vulnerabilities ++++++++++++++++++++++++++\n")
-          end
-      end
-      if current_ip == row['ip_address']
-        # If the ticket_status is different, add a a new 'header' to signify a new block of tickets.
-        unless ticket_status == row['comparison']
-          @ticket['Notes'] += 
-            "\n\n\n++ #{row['comparison']} Vulnerabilities ++++++++++++++++++++++++++\n"
-          ticket_status = row['comparison']
-        end
-
-        @ticket['Notes'] +=
-          "\n\n========================================== \nSummary: #{row['summary']} \nFix: #{row['fix']}"
-        # Only add the URL block if data exists in the row.
-        unless row['url'].nil?
-          @ticket['Notes'] += 
-            "\nURL: #{row['url']}"
+        queried_incident = query_for_ticket("NXID: #{@common_helper.generate_nxid(nexpose_identifier_id, row)}")
+        if !queried_incident.nil? && queried_incident.first.is_a?(Hash)
+          queried_incident.select! { |t| !['Closed', 'Resolved', 'Cancelled'].include?(t[:status]) }
         end
-      end
-      unless current_ip == row['ip_address']
-        # NXID in the work_notes is the unique identifier used to query incidents to update them.
-        @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_ip}"
-        tickets.push(@ticket)
-        current_ip = -1
-        redo
-      end
-    end
-    # NXID in the work_notes is the unique identifier used to query incidents to update them.
-    @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_ip}" unless @ticket.empty?
-    tickets.push(@ticket) unless @ticket.nil? || @ticket.empty?
-    tickets
-  end
-
-  # Prepare ticket updates from the CSV of vulnerabilities exported from Nexpose. This method
-  # currently only supports updating vulnerability mode tickets in Remedy. The list of vulnerabilities
-  # are ordered by vulnerability ID and then by ticket_status, allowing the method to loop through and
-  # display new, old, and same vulnerabilities in that order.
-  #
-  #   - +vulnerability_list+ -  CSV of vulnerabilities within Nexpose.
-  #
-  # * *Returns* :
-  #   - List of savon-formated (hash) tickets for updating within Remedy.
-  #
-  def prepare_update_tickets_by_vulnerability(vulnerability_list, nexpose_identifier_id)
-    fail 'Ticket updates are only supported in IP-address mode.' if @options[:ticket_mode] != 'V'
-    @ticket = Hash.new(-1)
-
-    @log.log_message('Preparing ticket updates by IP address.')
-    tickets = []
-    current_vuln_id = -1
-    current_solution_id = -1
-    current_asset_id = -1
-    current_solutions_text = "\n++ Details ++++++++++++++\n"
-    ticket_status = 'New'
-    CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
-      if current_vuln_id == -1
-        current_solutions_text = "\n++ Details +++++++++++++++\n"
-        current_vuln_id = row['vulnerability_id']
-        ticket_status = row['comparison']
-        current_asset_id = -1
-        current_solution_id = -1
-
-        # Query Remedy for the incident by unique id (generated NXID)
-        queried_incident = query_for_ticket("NXID: #{nexpose_identifier_id}#{row['asset_id']}#{row['vulnerability_id']}")
         if queried_incident.nil? || queried_incident.empty?
-          @log.log_message("No incident found for NXID: #{nexpose_identifier_id}#{row['asset_id']}#{row['vulnerability_id']}#{row['solution_id']}. Creating...")
+          @log.log_message("No incident found for NXID: #{@common_helper.generate_nxid(nexpose_identifier_id, row)}. Creating...")
           new_ticket_csv = vulnerability_list.split("\n").first
           new_ticket_csv += "\n#{row.to_s}"
-          new_ticket = prepare_create_tickets_by_vulnerability(new_ticket_csv, nexpose_identifier_id)
+          
+          #delete the comparison row
+          data = CSV::Table.new(CSV.parse(new_ticket_csv, headers: true))
+          data.delete("comparison")
+
+          new_ticket = prepare_create_tickets(data.to_s, nexpose_identifier_id)
           @log.log_message('Created ticket. Sending to Remedy...')
           create_tickets(new_ticket)
           @log.log_message('Ticket sent. Performing update for ticket...')
           #Now that there is a ticket for this NXID update it as if it existed this whole time...
-          current_vuln_id = -1
+          previous_row = nil
           redo
         else
-          @log.log_message("Creating ticket update for vulnerability with ID: #{row['vulnerability_id']}, Asset ID:  #{row['asset_id']} and Nexpose Identifier ID: #{nexpose_identifier_id}. Ticket status #{ticket_status}.")
+          info = @common_helper.get_field_info(matching_fields, previous_row)
+          @log.log_message("Creating ticket update with #{info} for Nexpose Identifier with ID: #{nexpose_identifier_id}")
+          @log.log_message("Ticket status #{row['comparison']}")
           # Remedy incident updates require populating all fields.
-          @ticket = extract_queried_incident(queried_incident, "++ #{row['comparison']} Assets ++++++++++++++++++++++\n")
-        end
-      end
-      if current_vuln_id == row['vulnerability_id']
-        # If the ticket_status is different, add a a new 'header' to signify a new block of tickets.
-        unless ticket_status == row['comparison']
-          @ticket['Notes'] +=
-              "\n\n\n++ #{row['comparison']} Assets +++++++++++++++++++++++\n"
-          ticket_status = row['comparison']
-        end
+          @ticket = extract_queried_incident(queried_incident, "")
+        end   
+      elsif matching_fields.any? { |x| previous_row[x].nil? || previous_row[x] != row[x] }
+        info = @common_helper.get_field_info(matching_fields, previous_row)
+        @log.log_message("Generated ticket with #{info}")
 
-        #Added the new asset to the list of affected systems if it is different (could have been the same asset with a different solution ID).
-        if current_asset_id != row['asset_id']
-          @ticket['Notes'] += "#{row['ip_address']}, "
-          current_asset_id = row['asset_id']
-        end
-
-        #Add solutions for the now affected assets.
-        if current_solution_id != row['solution_id']
-          new_solution_text =  "\n========================================== \nSummary: #{row['summary']} \nFix: #{row['fix']}\n"
-          if current_solutions_text.include? new_solution_text
-            @log.log_message('Ignoring duplicate solution for ticket update.')
-          else
-          current_solutions_text += new_solution_text
-            #Add any references.
-            unless row['url'].nil?
-              current_solutions_text +=
-                  "\nURL: #{row['url']}"
-            end
-          end
-          current_solution_id = row['solution_id']
-        end
-      end
-      unless current_vuln_id == row['vulnerability_id']
-        # NXID in the work_notes is the unique identifier used to query incidents to update them.
-        @ticket['Notes'] += "\n\n" + current_solutions_text
-        @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_asset_id}#{current_vuln_id}"
+        @ticket['Notes'] = @common_helper.print_description(description)
         tickets.push(@ticket)
-        current_vuln_id = -1
-        current_solution_id = -1
-        current_asset_id = -1
+        previous_row = nil
+        description = nil
         redo
+      else
+        description = @common_helper.update_description(description, row)        
       end
     end
-    # NXID in the work_notes is the unique identifier used to query incidents to update them.
-    @ticket['Notes'] += current_solutions_text
-    @ticket['Notes'] += "\n\nNXID: #{nexpose_identifier_id}#{current_asset_id}#{current_vuln_id}" unless @ticket.empty?
-    tickets.push(@ticket) unless @ticket.nil? || @ticket.empty?
+
+    unless @ticket.nil? || @ticket.empty?
+      @ticket['Notes'] = @common_helper.print_description(description)
+      tickets.push(@ticket)
+    end
+
+    @log.log_message("Generated <#{tickets.count.to_s}> tickets.")
     tickets
   end
 
+  # Creates a ticket with the extracted data from a queried Remedy incident.
+  #
+  #   - +queried_incident+ - The queried incident from Remedy
+  #   - +notes_header+ - The texted to be placed at the top of the Remedy 'Notes' field.
+  #   - +status+ - The status to which the ticket will be set.
+  #
+  # * *Returns* :
+  #   - A single savon-formated (hash) ticket for updating within Remedy.
+  #
+  def ticket_from_queried_incident(queried_incident, notes_header, status)
+    {
+      'Categorization_Tier_1' => queried_incident[:categorization_tier_1],
+      'Categorization_Tier_2' => queried_incident[:categorization_tier_2],
+      'Categorization_Tier_3' => queried_incident[:categorization_tier_3],
+      'Closure_Manufacturer' => queried_incident[:closure_manufacturer],
+      'Closure_Product_Category_Tier1' => queried_incident[:closure_product_category_tier1],
+      'Closure_Product_Category_Tier2' => queried_incident[:closure_product_category_tier2],
+      'Closure_Product_Category_Tier3' => queried_incident[:closure_product_category_tier3],
+      'Closure_Product_Model_Version' => queried_incident[:closure_product_model_version],
+      'Closure_Product_Name' => queried_incident[:closure_product_name],
+      'Company' => queried_incident[:company],
+      'Summary' => queried_incident[:summary],
+      'Notes' => notes_header || queried_incident[:notes],
+      'Impact' => queried_incident[:impact],
+      'Manufacturer' => queried_incident[:manufacturer],
+      'Product_Categorization_Tier_1' => queried_incident[:product_categorization_tier_1],
+      'Product_Categorization_Tier_2' => queried_incident[:product_categorization_tier_2],
+      'Product_Categorization_Tier_3' => queried_incident[:product_categorization_tier_3],
+      'Product_Model_Version' => queried_incident[:product_model_version],
+      'Product_Name' => queried_incident[:product_name],
+      'Reported_Source' => queried_incident[:reported_source],
+      'Resolution' => queried_incident[:resolution],
+      'Resolution_Category' => queried_incident[:resolution_category],
+      'Resolution_Category_Tier_2' => queried_incident[:resolution_category_tier_2],
+      'Resolution_Category_Tier_3' => queried_incident[:resolution_category_tier_3],
+      'Resolution_Method' => queried_incident[:resolution_method],
+      'Service_Type' => queried_incident[:service_type],
+      'Status' => status || queried_incident[:status],
+      'Urgency' => queried_incident[:urgency],
+      'Action' => 'MODIFY',
+      'Work_Info_Summary' => queried_incident[:work_info_summary],
+      'Work_Info_Notes' => queried_incident[:work_info_notes],
+      'Work_Info_Type' => queried_incident[:work_info_type],
+      'Work_Info_Date' => queried_incident[:work_info_date],
+      'Work_Info_Source' => queried_incident[:work_info_source],
+      'Work_Info_Locked' => queried_incident[:work_info_locked],
+      'Work_Info_View_Access' => queried_incident[:work_info_view_access],
+      'Incident_Number' => queried_incident[:incident_number],
+      'Status_Reason' => queried_incident[:status_reason],
+      'ServiceCI' => queried_incident[:service_ci],
+      'ServiceCI_ReconID' => queried_incident[:service_ci_recon_id],
+      'HPD_CI' => queried_incident[:hpd_ci],
+      'HPD_CI_ReconID' => queried_incident[:hpd_ci_recon_id],
+      'HPD_CI_FormName' => queried_incident[:hpd_ci_form_name],
+      'z1D_CI_FormName' => queried_incident[:z1d_ci_form_name]
+    }
+  end
+
   # Extracts from a queried Remedy incident the relevant data required for an update to be made to said incident.
   # Creates a ticket with the extracted data.
   #
@@ -573,116 +347,13 @@ class RemedyHelper
   #   - A single savon-formated (hash) ticket for updating within Remedy.
   #
   def extract_queried_incident(queried_incident, notes_header)
-
-    if queried_incident[0].is_a?(Hash)
-      #Hash of hashes
-      @log.log_message("More than one ticket returned from Remedy. Number of tickets returned: #{queried_incident.count}. Parsing return to check returned ticket status...")
-      @ticket = nil
-      queried_incident.count.times do |x|
-        #TODO: This should be moved to the config for the Remedy helper.
-        if ['Closed', 'Resolved', 'Cancelled'].include? queried_incident[x][:status]
-          @log.log_message("Returned ticket number <#{x}> of <#{(queried_incident.count - 1)}> is of status <#{queried_incident[x][:status]}>. Ignoring.")
-        else
-          fail 'When trying to update tickets Remedy returned multiple tickets with the same NXID and in progress status!' unless @ticket.nil?
-          @ticket = {
-              'Categorization_Tier_1' => queried_incident[x][:categorization_tier_1],
-              'Categorization_Tier_2' => queried_incident[x][:categorization_tier_2],
-              'Categorization_Tier_3' => queried_incident[x][:categorization_tier_3],
-              'Closure_Manufacturer' => queried_incident[x][:closure_manufacturer],
-              'Closure_Product_Category_Tier1' => queried_incident[x][:closure_product_category_tier1],
-              'Closure_Product_Category_Tier2' => queried_incident[x][:closure_product_category_tier2],
-              'Closure_Product_Category_Tier3' => queried_incident[x][:closure_product_category_tier3],
-              'Closure_Product_Model_Version' => queried_incident[x][:closure_product_model_version],
-              'Closure_Product_Name' => queried_incident[x][:closure_product_name],
-              'Company' => queried_incident[x][:company],
-              'Summary' => queried_incident[x][:summary],
-              'Notes' => notes_header,
-              'Impact' => queried_incident[x][:impact],
-              'Manufacturer' => queried_incident[x][:manufacturer],
-              'Product_Categorization_Tier_1' => queried_incident[x][:product_categorization_tier_1],
-              'Product_Categorization_Tier_2' => queried_incident[x][:product_categorization_tier_2],
-              'Product_Categorization_Tier_3' => queried_incident[x][:product_categorization_tier_3],
-              'Product_Model_Version' => queried_incident[x][:product_model_version],
-              'Product_Name' => queried_incident[x][:product_name],
-              'Reported_Source' => queried_incident[x][:reported_source],
-              'Resolution' => queried_incident[x][:resolution],
-              'Resolution_Category' => queried_incident[x][:resolution_category],
-              'Resolution_Category_Tier_2' => queried_incident[x][:resolution_category_tier_2],
-              'Resolution_Category_Tier_3' => queried_incident[x][:resolution_category_tier_3],
-              'Resolution_Method' => queried_incident[x][:resolution_method],
-              'Service_Type' => queried_incident[x][:service_type],
-              'Status' => queried_incident[x][:status],
-              'Urgency' => queried_incident[x][:urgency],
-              'Action' => 'MODIFY',
-              'Work_Info_Summary' => queried_incident[x][:work_info_summary],
-              'Work_Info_Notes' => queried_incident[x][:work_info_notes],
-              'Work_Info_Type' => queried_incident[x][:work_info_type],
-              'Work_Info_Date' => queried_incident[x][:work_info_date],
-              'Work_Info_Source' => queried_incident[x][:work_info_source],
-              'Work_Info_Locked' => queried_incident[x][:work_info_locked],
-              'Work_Info_View_Access' => queried_incident[x][:work_info_view_access],
-              'Incident_Number' => queried_incident[x][:incident_number],
-              'Status_Reason' => queried_incident[x][:status_reason],
-              'ServiceCI' => queried_incident[x][:service_ci],
-              'ServiceCI_ReconID' => queried_incident[x][:service_ci_recon_id],
-              'HPD_CI' => queried_incident[x][:hpd_ci],
-              'HPD_CI_ReconID' => queried_incident[x][:hpd_ci_recon_id],
-              'HPD_CI_FormName' => queried_incident[x][:hpd_ci_form_name],
-              'z1D_CI_FormName' => queried_incident[x][:z1d_ci_form_name]
-          }
-        end
-      end
-    else
-      @ticket = {
-          'Categorization_Tier_1' => queried_incident[:categorization_tier_1],
-          'Categorization_Tier_2' => queried_incident[:categorization_tier_2],
-          'Categorization_Tier_3' => queried_incident[:categorization_tier_3],
-          'Closure_Manufacturer' => queried_incident[:closure_manufacturer],
-          'Closure_Product_Category_Tier1' => queried_incident[:closure_product_category_tier1],
-          'Closure_Product_Category_Tier2' => queried_incident[:closure_product_category_tier2],
-          'Closure_Product_Category_Tier3' => queried_incident[:closure_product_category_tier3],
-          'Closure_Product_Model_Version' => queried_incident[:closure_product_model_version],
-          'Closure_Product_Name' => queried_incident[:closure_product_name],
-          'Company' => queried_incident[:company],
-          'Summary' => queried_incident[:summary],
-          'Notes' => notes_header,
-          'Impact' => queried_incident[:impact],
-          'Manufacturer' => queried_incident[:manufacturer],
-          'Product_Categorization_Tier_1' => queried_incident[:product_categorization_tier_1],
-          'Product_Categorization_Tier_2' => queried_incident[:product_categorization_tier_2],
-          'Product_Categorization_Tier_3' => queried_incident[:product_categorization_tier_3],
-          'Product_Model_Version' => queried_incident[:product_model_version],
-          'Product_Name' => queried_incident[:product_name],
-          'Reported_Source' => queried_incident[:reported_source],
-          'Resolution' => queried_incident[:resolution],
-          'Resolution_Category' => queried_incident[:resolution_category],
-          'Resolution_Category_Tier_2' => queried_incident[:resolution_category_tier_2],
-          'Resolution_Category_Tier_3' => queried_incident[:resolution_category_tier_3],
-          'Resolution_Method' => queried_incident[:resolution_method],
-          'Service_Type' => queried_incident[:service_type],
-          'Status' => queried_incident[:status],
-          'Urgency' => queried_incident[:urgency],
-          'Action' => 'MODIFY',
-          'Work_Info_Summary' => queried_incident[:work_info_summary],
-          'Work_Info_Notes' => queried_incident[:work_info_notes],
-          'Work_Info_Type' => queried_incident[:work_info_type],
-          'Work_Info_Date' => queried_incident[:work_info_date],
-          'Work_Info_Source' => queried_incident[:work_info_source],
-          'Work_Info_Locked' => queried_incident[:work_info_locked],
-          'Work_Info_View_Access' => queried_incident[:work_info_view_access],
-          'Incident_Number' => queried_incident[:incident_number],
-          'Status_Reason' => queried_incident[:status_reason],
-          'ServiceCI' => queried_incident[:service_ci],
-          'ServiceCI_ReconID' => queried_incident[:service_ci_recon_id],
-          'HPD_CI' => queried_incident[:hpd_ci],
-          'HPD_CI_ReconID' => queried_incident[:hpd_ci_recon_id],
-          'HPD_CI_FormName' => queried_incident[:hpd_ci_form_name],
-          'z1D_CI_FormName' => queried_incident[:z1d_ci_form_name]
-      }
+    unless queried_incident.first.is_a?(Hash)
+      return ticket_from_queried_incident(queried_incident, notes_header, nil) 
     end
-    @ticket
-  end
 
+    fail "Multiple tickets returned for same NXID" if queried_incidents.count > 1 
+    ticket_from_queried_incident(queried_incident.first, notes_header, nil)
+  end
 
   # Prepare ticket closures from the CSV of vulnerabilities exported from Nexpose.
   #
@@ -693,79 +364,22 @@ class RemedyHelper
   #   - List of savon-formated (hash) tickets for closing within Remedy.
   #
   def prepare_close_tickets(vulnerability_list, nexpose_identifier_id)
-    fail 'Ticket closures are only supported in default mode.' if @options[:ticket_mode] == 'I'
-    @log.log_message('Preparing ticket closures by default method.')
+    @log.log_message("Preparing ticket closures for mode #{@options[:ticket_mode]}.")
     @nxid = nil
     tickets = []
     CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
-      case @options[:ticket_mode]
-        # 'D' Default mode: IP *-* Vulnerability
-        when 'D'
-          @nxid = "#{nexpose_identifier_id}#{row['asset_id']}#{row['vulnerability_id']}#{row['solution_id']}"
-        # 'I' IP address mode: IP address -* Vulnerability
-        when 'I'
-          @nxid = "#{nexpose_identifier_id}#{row['current_ip']}"
-        # 'V' Vulnerability mode: Vulnerability -* IP address
-        when 'V'
-          @nxid = "#{nexpose_identifier_id}#{row['current_asset_id']}#{row['current_vuln_id']}"
-        else
-          fail 'Could not close tickets - do not understand the ticketing mode!'
-      end
+      @nxid = @common_helper.generate_nxid(nexpose_identifier_id, row)
+
       # Query Remedy for the incident by unique id (generated NXID)
       queried_incident = query_for_ticket("NXID: #{@nxid}")
       if queried_incident.nil? || queried_incident.empty?
         @log.log_message("No incident found for NXID: #{@nxid}")
       else
         # Remedy incident updates require populating all fields.
-        ticket = {
-          'Categorization_Tier_1' => queried_incident[:categorization_tier_1],
-          'Categorization_Tier_2' => queried_incident[:categorization_tier_2],
-          'Categorization_Tier_3' => queried_incident[:categorization_tier_3],
-          'Closure_Manufacturer' => queried_incident[:closure_manufacturer],
-          'Closure_Product_Category_Tier1' => queried_incident[:closure_product_category_tier1],
-          'Closure_Product_Category_Tier2' => queried_incident[:closure_product_category_tier2],
-          'Closure_Product_Category_Tier3' => queried_incident[:closure_product_category_tier3],
-          'Closure_Product_Model_Version' => queried_incident[:closure_product_model_version],
-          'Closure_Product_Name' => queried_incident[:closure_product_name],
-          'Company' => queried_incident[:company],
-          'Summary' => queried_incident[:summary],
-          'Notes' => queried_incident[:notes],
-          'Impact' => queried_incident[:impact],
-          'Manufacturer' => queried_incident[:manufacturer],
-          'Product_Categorization_Tier_1' => queried_incident[:product_categorization_tier_1],
-          'Product_Categorization_Tier_2' => queried_incident[:product_categorization_tier_2],
-          'Product_Categorization_Tier_3' => queried_incident[:product_categorization_tier_3],
-          'Product_Model_Version' => queried_incident[:product_model_version],
-          'Product_Name' => queried_incident[:product_name],
-          'Reported_Source' => queried_incident[:reported_source],
-          'Resolution' => queried_incident[:resolution],
-          'Resolution_Category' => queried_incident[:resolution_category],
-          'Resolution_Category_Tier_2' => queried_incident[:resolution_category_tier_2],
-          'Resolution_Category_Tier_3' => queried_incident[:resolution_category_tier_3],
-          'Resolution_Method' => queried_incident[:resolution_method],
-          'Service_Type' => queried_incident[:service_type],
-          'Status' => 'Closed',
-          'Urgency' => queried_incident[:urgency],
-          'Action' => 'MODIFY',
-          'Work_Info_Summary' => queried_incident[:work_info_summary],
-          'Work_Info_Notes' => queried_incident[:work_info_notes],
-          'Work_Info_Type' => queried_incident[:work_info_type],
-          'Work_Info_Date' => queried_incident[:work_info_date],
-          'Work_Info_Source' => queried_incident[:work_info_source],
-          'Work_Info_Locked' => queried_incident[:work_info_locked],
-          'Work_Info_View_Access' => queried_incident[:work_info_view_access],
-          'Incident_Number' => queried_incident[:incident_number],
-          'Status_Reason' => queried_incident[:status_reason],
-          'ServiceCI' => queried_incident[:service_ci],
-          'ServiceCI_ReconID' => queried_incident[:service_ci_recon_id],
-          'HPD_CI' => queried_incident[:hpd_ci],
-          'HPD_CI_ReconID' => queried_incident[:hpd_ci_recon_id],
-          'HPD_CI_FormName' => queried_incident[:hpd_ci_form_name],
-          'z1D_CI_FormName' => queried_incident[:z1d_ci_form_name]
-        }
+        ticket = ticket_from_queried_incident(queried_incident, nil, 'Closed')
         tickets.push(ticket)
       end
     end
     tickets
   end
-end
+end