nexpose_ticketing 0.8.3 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7616fb5d627a944b54dd186638aec10369bf9f66
-  data.tar.gz: 1e38b63f2ab01292ebcac1a50de0ccdb4eb05374
+  metadata.gz: 16cf7f70522d51ed7a38070041ad4396e4e56ce7
+  data.tar.gz: 946842a9a482cbf608fbdf1bf9853919db1cdbe5
 SHA512:
-  metadata.gz: 9ba361ae83efbe879cbf087d796564d0cc92342663c98fcd28dded3a4330f7f2b62f45cd1cac756fb0d5f5a2331d3e93695bcf1fdcf3a18e5486e0c7a92b67bd
-  data.tar.gz: 710760d84937ed652c4c378cbeaf9b50634de58145b140104b2aab5619b098baf566f00cf86f57369a47e5827c544505d94394a2d717d61462ec1ce9bc4efb7c
+  metadata.gz: aa83dfe6f2d916f880fc95c99cbebb01ae1998f066affc7585ed52de884201c0b85d2e3980bad6ac2f6d8d918975a0c208f68a28b6cc5664b9ae2562709b6aaf
+  data.tar.gz: 9002b4380aa921cdad95f5188011a47887865ef88d75b929817ef137bd83ec3f31094acd3cf679a9eca6d74170fb493c31d5fcc4763d2926982805246d106134

data/bin/nexpose_jira

@@ -1,6 +1,13 @@
 #!/usr/bin/env ruby
 require 'yaml'
 require 'nexpose_ticketing'
+require 'nexpose_ticketing/nx_logger'
+require 'nexpose_ticketing/version'
+
+log = NexposeTicketing::NxLogger.instance
+log.setup_statistics_collection('Atlassian', 'JIRA', NexposeTicketing::VERSION)
+log.setup_logging(true, 'info')
+
 # Path to the JIRA Configuration file.
 JIRA_CONFIG_PATH = File.join(File.dirname(__FILE__),
                              '../lib/nexpose_ticketing/config/jira.config')

data/bin/nexpose_remedy

@@ -1,6 +1,12 @@
 #!/usr/bin/env ruby
 require 'yaml'
 require 'nexpose_ticketing'
+require 'nexpose_ticketing/nx_logger'
+require 'nexpose_ticketing/version'
+
+log = NexposeTicketing::NxLogger.instance
+log.setup_statistics_collection('bmc', 'Remedy', NexposeTicketing::VERSION)
+log.setup_logging(true, 'info')
 
 # Path to ServiceNow configuration file
 REMEDY_CONFIG_PATH = File.join(File.dirname(__FILE__),

data/bin/nexpose_servicedesk

@@ -1,6 +1,12 @@
 #!/usr/bin/env ruby
 require 'yaml'
 require 'nexpose_ticketing'
+require 'nexpose_ticketing/nx_logger'
+require 'nexpose_ticketing/version'
+
+log = NexposeTicketing::NxLogger.instance
+log.setup_statistics_collection('ManageEngine', 'ServiceDesk', NexposeTicketing::VERSION)
+log.setup_logging(true, 'info')
 
 # Path to ServiceNow configuration file
 SERVICEDESK_CONFIG_PATH = File.join(File.dirname(__FILE__),

data/bin/nexpose_servicenow

@@ -1,6 +1,12 @@
 #!/usr/bin/env ruby
 require 'yaml'
 require 'nexpose_ticketing'
+require 'nexpose_ticketing/nx_logger'
+require 'nexpose_ticketing/version'
+
+log = NexposeTicketing::NxLogger.instance
+log.setup_statistics_collection('ServiceNow', 'ServiceNow', NexposeTicketing::VERSION)
+log.setup_logging(true, 'info')
 
 # Path to ServiceNow configuration file
 SERVICENOW_CONFIG_PATH = File.join(File.dirname(__FILE__),

data/lib/nexpose_ticketing/common_helper.rb

@@ -0,0 +1,344 @@
+module NexposeTicketing
+  class CommonHelper
+    MAX_NUM_REFS = 3
+    
+    def initialize(options)
+      @ticketing_mode = options[:ticket_mode]
+    end
+
+    # Gets the base description hash from the relevant mode-specific method
+    # which can converted into a finished description.
+    #
+    #   - +nexpose_id+ - The site or tag indentifier.
+    #   - +options+ -  The options read from the ticket config file.
+    #
+    # * *Returns* :
+    #   - Hash containing ticket description information.
+    #
+    def get_description(nexpose_id, row)
+      description = { nxid: "NXID: #{generate_nxid(nexpose_id, row)}" }
+      case @ticketing_mode
+      when 'D' then get_default_ticket_description(description, row)
+      when 'I' then get_ip_ticket_description(description, row)
+      when 'V' then get_vuln_ticket_description(description, row)
+      else fail "Ticketing mode #{@ticketing_mode} not recognised."
+      end
+    end
+
+    # Updates an existing description hash containing information
+    # necessary to generate a ticket description.
+    # Note that Default mode tickets may not be updated.
+    #
+    #   - +description+ - The existing ticket hash to be updated.
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - Hash containing ticket description information.
+    #
+    def update_description(description, row)
+      case @ticketing_mode
+      when 'I' then return update_ip_ticket_description(description, row)
+      when 'V' then return update_vuln_ticket_description(description, row)
+      else description
+      end
+    end
+
+    # Generates a final description string based on a description hash.
+    #
+    #   - +description+ - The finished ticket hash to be converted.
+    #
+    # * *Returns* :
+    #   - String containing ticket description text.
+    #
+    def print_description(description)
+      ticket = case @ticketing_mode
+               when 'D' then print_default_ticket_description(description)
+               when 'I' then print_ip_ticket_description(description)
+               when 'V' then print_vuln_ticket_description(description)
+               else fail "Ticketing mode #{@ticketing_mode} not recognised."
+               end
+      ticket << "\n\n\n#{description[:nxid]}"
+      ticket
+    end
+
+    # Generates a hash containing the information necessary
+    # to generate a Default-mode ticket description.
+    #
+    #   - +description+ - Base ticket hash with NXID.
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - Hash containing ticket description information.
+    #
+    def get_default_ticket_description(description, row)
+      description[:header] = get_vuln_header(row)
+      description[:header] << get_discovery_info(row)
+      description[:references] = get_references(row)
+      description[:solutions] = get_solutions(row)
+      description
+    end
+
+    # Generates a hash containing the information necessary
+    # to generate an IP-mode ticket description.
+    #
+    #   - +description+ - Base ticket hash with NXID.
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - Hash containing ticket description information.
+    #
+    def get_ip_ticket_description(description, row)
+      description[:vulnerabilities] = []
+
+      status = row['comparison']
+      vuln_info = "++ #{status} Vulnerabilities ++\n" if !status.nil?
+      description[:ticket_status] = status
+
+      vuln_info = vuln_info.to_s + get_vuln_info(row)
+      description[:vulnerabilities] << vuln_info
+      description
+    end
+
+    # Generates a hash containing the information necessary
+    # to generate a Vulnerability-mode ticket description.
+    #
+    #   - +description+ - Base ticket hash with NXID.
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - Hash containing ticket description information.
+    #
+    def get_vuln_ticket_description(description, row)
+      description[:header] = get_vuln_header(row)
+      description[:references] = get_references(row)
+      description[:solutions] = get_solutions(row)
+      description[:assets] = get_assets(row)
+      description
+    end
+    
+    # Updates an existing IP-mode description hash containing information
+    # necessary to generate a ticket description.
+    #
+    #   - +description+ - The existing ticket hash to be updated.
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - Hash containing updated ticket description information.
+    #
+    def update_ip_ticket_description(description, row)
+      status = row['comparison']
+      header = "++ #{status} Vulnerabilities ++\n"
+      header = "" unless description[:ticket_status] != status
+  
+      description[:vulnerabilities] << "#{header}#{get_vuln_info(row)}"
+      description
+    end
+
+    # Updates an existing Vulnerability-mode description hash containing 
+    # information necessary to generate a ticket description.
+    #
+    #   - +description+ - The existing ticket hash to be updated.
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - Hash containing updated ticket description information.
+    #
+    def update_vuln_ticket_description(description, row)
+      description[:assets] += "\n#{get_assets(row)}"
+      description
+    end
+
+    # Generates a final description string based on a Default-mode 
+    # description hash.
+    #
+    #   - +description+ - The finished ticket hash to be converted.
+    #
+    # * *Returns* :
+    #   - String containing ticket description text.
+    #
+    def print_default_ticket_description(description)
+      ticket = "#{description[:header]}\n#{description[:references]}"
+      ticket << "#{description[:solutions]}"
+      ticket
+    end
+
+    # Generates a final description string based on an IP-mode 
+    # description hash.
+    #
+    #   - +description+ - The finished ticket hash to be converted.
+    #
+    # * *Returns* :
+    #   - String containing ticket description text.
+    #
+    def print_ip_ticket_description(description)
+      ticket = ''
+      description[:vulnerabilities].each { |v| ticket << "#{v}\n" } 
+      ticket
+    end
+
+    # Generates a final description string based on a Vulnerability-mode 
+    # description hash.
+    #
+    #   - +description+ - The finished ticket hash to be converted.
+    #
+    # * *Returns* :
+    #   - String containing ticket description text.
+    #
+    def print_vuln_ticket_description(description)
+      ticket = "#{description[:header]}\n#{description[:assets]}"
+      ticket << "\n#{description[:references]}\n#{description[:solutions]}"
+      ticket
+    end
+
+    # Generates the NXID. The NXID is a unique identifier used to find and update and/or close tickets.
+    #
+    # * *Args*    :
+    #   - +nexpose_identifier_id+ -  Site/TAG ID the tickets are being generated for. Required for all? { |e|  } ticketing modes
+    #   - +row+ -  Row from the generated Nexpose CSV report. Required for default ('D') mode.
+    #   - +current_ip+ -  The IP address of that this ticket is for. Required for IP mode ('I') mode.
+    #
+    # * *Returns* :
+    #   - NXID string.
+    #
+    def generate_nxid(nexpose_id, row)
+      fail 'Row data is nil' if row.nil?
+
+      case @ticketing_mode
+        when 'D' then "#{nexpose_id}d#{row['asset_id']}d#{row['vulnerability_id']}"
+        when 'I' then "#{nexpose_id}i#{row['ip_address']}"
+        when 'V' then "#{nexpose_id}v#{row['vulnerability_id']}"
+        else fail 'Ticketing mode not recognised.'
+      end
+    end
+    
+    # Formats the row data to be inserted into a 'D' or 'I' mode ticket description.
+    #
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String formatted with vulnerability data.
+    #
+    def get_vuln_info(row)
+      ticket = get_vuln_header(row)
+      ticket << get_discovery_info(row)
+      ticket << get_references(row)
+      ticket << "\n#{get_solutions(row)}"
+      ticket.gsub("\n", "\n ")
+    end
+
+    # Generates the vulnerability header from the row data.
+    #
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String formatted with vulnerability data.
+    #
+    def get_vuln_header(row)
+      ticket = "\n=============================="
+      ticket << "\nVulnerability ID: #{row['vulnerability_id']}"
+      ticket << "\nCVSS Score: #{row['cvss_score']}"
+      ticket << "\n=============================="
+      ticket
+    end
+
+    # Generates the ticket's title depending on the ticketing mode.
+    #
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String containing the ticket title.
+    #
+    def get_title(row, maximum=nil)
+      title = case @ticketing_mode
+          when 'D' then "#{row['ip_address']} => #{get_short_summary(row)}"
+          when 'I' then "#{row['ip_address']} => Vulnerabilities"
+          when 'V' then "Vulnerability: #{row['title']}"
+          else fail 'Ticketing mode not recognised.'
+        end
+      return title if maximum == nil || title.length < maximum
+
+      title = "#{title[0, 97]}..."
+    end
+
+    # Generates a short summary for a vulnerability.
+    #
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String containing a short summary of the vulnerability.
+    #
+    def get_short_summary(row)
+      summary = row['solutions']
+      delimiter = summary.to_s.index('|')
+      return summary[summary.index(':')+1...delimiter].strip if delimiter
+      summary.length <= 100 ? summary : summary[0...100]
+    end
+
+    # Formats the solutions for a vulnerability in a format suitable to be inserted into a ticket.
+    #
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String formatted with solution information.
+    #
+    def get_solutions(row)
+      row['solutions'].to_s.gsub('|', "\n").gsub('~', "\n--\n")
+    end
+
+    def get_discovery_info(row)
+      return '' if row['first_discovered'].to_s == ""
+      info = "\nFirst Seen: #{row['first_discovered']}\n"
+      info << "Last Seen: #{row['most_recently_discovered']}\n"
+      info
+    end
+
+    # Formats the references for a vulnerability in a format suitable to be inserted into a ticket.
+    #
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String formatted with source and reference.
+    #
+    def get_references(row)
+      return '' if row['references'].nil?
+      references = "\nSources:\n"
+      refs =  row['references'].split(', ')
+      refs[MAX_NUM_REFS] = '...' if refs.count > MAX_NUM_REFS
+      refs[0..MAX_NUM_REFS].each { |r| references << " - #{r}\n" }
+      references
+    end
+
+    
+    # Returns the assets for a vulnerability in a format suitable to be inserted into a ticket.
+    #
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String formatted with affected assets.
+    #
+    def get_assets(row)  
+      status = row['comparison']
+      header = "\n#{status || 'Affected' } Assets\n"
+
+      assets = []
+      row['assets'].to_s.split('~').each do |a|
+        details = a.split('|')
+        assets << " - #{details[1]} #{"\t(#{details[2]})" if !details[2].empty?}"
+      end
+      asset_list = assets.join("\n")
+      "#{header}#{asset_list}"
+    end
+
+    # Returns the relevant row values for printing.
+    #
+    #   - +fields+ -  The fields which are relevant to the ticket.
+    #   - +row+ -  CSV row containing vulnerability data.
+    #
+    # * *Returns* :
+    #   - String formatted with relevant fields.
+    #
+    def get_field_info(fields, row)
+      fields.map { |x| "#{x.sub("_", " ")}: #{row[x]}" }.join(", ")
+    end
+  end
+end

data/lib/nexpose_ticketing/config/servicedesk.config

@@ -6,14 +6,14 @@
 # (M) Helper class name
 :helper_name: ServiceDeskHelper
 
-# (M) REST Enpoint on the ServiceDesk instance
+# (M) REST Endpoint on the ServiceDesk instance
 :rest_uri: https://uritoservicedesk:8080/sdpapi/request
 # (M) API Key to access the ServiceDesk instance
 :api_key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
 # (M) local ticket database path
 :ticket_db_path: /var/lib/gems/1.9.1/gems/nexpose_ticketing-0.2.3.jh/lib/nexpose_ticketing/log/servicedesk_ticketdb
 
-# (M) ServiceDesk requestor name
+# (M) ServiceDesk requester name
 :requester: nexpose
-# (M) SerivceDesk incident group
+# (M) ServiceDesk incident group
 :group: Network

data/lib/nexpose_ticketing/config/ticket_service.config

@@ -6,6 +6,8 @@
 :options:
   # (M) Enables logging to the log directory.
   :logging_enabled: true
+  # (M) Sets the log level threshold for output.
+  :log_level: info
   # Filters the reports to specific sites one per line, leave empty for no site.
   :sites:
   - '1'

data/lib/nexpose_ticketing/helpers/jira_helper.rb

@@ -4,49 +4,21 @@ require 'net/https'
 require 'uri'
 require 'csv'
 require 'nexpose_ticketing/nx_logger'
+require 'nexpose_ticketing/version'
+require 'nexpose_ticketing/common_helper'
 
 # This class serves as the JIRA interface
 # that creates issues within JIRA from vulnerabilities
 # found in Nexpose.
 # Copyright:: Copyright (c) 2014 Rapid7, LLC.
 class JiraHelper
-  # TODO: Add V Mode.
-  # TODO: Allow updates/closed loop.
   attr_accessor :jira_data, :options
   def initialize(jira_data, options)
     @jira_data = jira_data
     @options = options
-    @log = NexposeTicketing::NXLogger.new
-  end
+    @log = NexposeTicketing::NxLogger.instance
 
-  # Generates the NXID. The NXID is a unique identifier used to find and update and/or close tickets.
-  #
-  # * *Args*    :
-  #   - +nexpose_identifier_id+ -  Site/TAG ID the tickets are being generated for. Required for all ticketing modes
-  #   - +row+ -  Row from the generated Nexpose CSV report. Required for default ('D') mode.
-  #   - +current_ip+ -  The IP address of that this ticket is for. Required for IP mode ('I') mode.
-  #
-  # * *Returns* :
-  #   - NXID string.
-  #
-  def generate_nxid(nexpose_identifier_id, row=nil, current_ip=nil)
-    fail 'Nexpose Identifier ID is required to generate the NXID.' if nexpose_identifier_id.empty?
-    case @options[:ticket_mode]
-      # 'D' Default mode: IP *-* Vulnerability
-      when 'D'
-        fail 'Row is required to generate the NXID in \'D\' mode.' if row.nil? || row.empty?
-        @nxid = "#{nexpose_identifier_id}#{row['asset_id']}#{row['vulnerability_id']}#{row['solution_id']}"
-      # 'I' IP address mode: IP address -* Vulnerability
-      when 'I'
-        fail 'Current IP is required to generate the NXID in \'I\' mode.' if current_ip.nil? || current_ip.empty?
-        @nxid = "#{nexpose_identifier_id}#{current_ip.tr('.','')}"
-      # 'V' mode net yet implemented.
-      # 'V' Vulnerability mode: Vulnerability -* IP address
-      #          when 'V'
-      #            @NXID = "#{nexpose_identifier_id}#{row['current_asset_id']}#{row['current_vuln_id']}"
-      else
-        fail 'Could not close tickets - do not understand the ticketing mode!'
-    end
+    @common_helper = NexposeTicketing::CommonHelper.new(@options)
   end
 
   # Fetches the Jira ticket key e.g INT-1. This is required to post updates to the Jira.
@@ -123,12 +95,13 @@ class JiraHelper
         end
       end
     end
-    @log.log_message("Jira returned no valid transition to close the ticket! Response was <#{transitions}> and desired close Step ID was <#{@jira_data[:close_step_id]}>.")
+    error = "Response was <#{transitions}> and desired close Step ID was <#{@jira_data[:close_step_id]}>. Jira returned no valid transition to close the ticket!"
+    @log.log_message(error)
     return nil
   end
 
   def create_tickets(tickets)
-    fail 'Ticket(s) cannot be empty.' if tickets.empty? || tickets.nil?
+    fail 'Ticket(s) cannot be empty.' if tickets.nil? || tickets.empty?
     tickets.each do |ticket|
       headers = { 'Content-Type' => 'application/json',
                   'Accept' => 'application/json' }
@@ -149,94 +122,64 @@ class JiraHelper
   end
 
   # Prepares tickets from the CSV.
-  # TODO Implement V Version.
   def prepare_create_tickets(vulnerability_list, nexpose_identifier_id)
-    @ticket = Hash.new(-1)
+    @log.log_message('Preparing ticket requests...')
     case @options[:ticket_mode]
     # 'D' Default IP *-* Vulnerability
-    when 'D'
-      prepare_tickets_default(vulnerability_list, nexpose_identifier_id)
+    when 'D' then matching_fields = ['ip_address', 'vulnerability_id']
     # 'I' IP address -* Vulnerability
-    when 'I'
-      prepare_tickets_by_ip(vulnerability_list, nexpose_identifier_id)
+    when 'I' then matching_fields = ['ip_address']
+    # 'V' Vulnerability -* Assets
+    when 'V' then matching_fields = ['vulnerability_id']
     else
         fail 'Unsupported ticketing mode selected.'
     end
-  end
 
-  # Prepares and creates tickets in default mode.
-  def prepare_tickets_default(vulnerability_list, nexpose_identifier_id)
-    @log.log_message('Preparing tickets for default mode.')
-    tickets = []
-    CSV.parse(vulnerability_list.chomp, headers: :first_row) do |row|
-      # JiraHelper doesn't like new line characters in their summaries.
-      summary = row['summary'].gsub(/\n/, ' ')
-      ticket = {
-          'fields' => {
-              'project' => {
-                  'key' => "#{@jira_data[:project]}" },
-              'summary' => "#{row['ip_address']} => #{summary}",
-              'description' => "CVSS Score: #{row['cvss_score']} \n\n #{row['fix']} \n\n #{row['url']} \n\n\n NXID: #{generate_nxid(nexpose_identifier_id, row)}",
-              'issuetype' => {
-                  'name' => 'Task' }
-          }
-      }.to_json
-      tickets.push(ticket)
-    end
-    tickets
+    prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)
   end
 
-  # Prepare tickets from the CSV of vulnerabilities exported from Nexpose. This method batches tickets 
-  # per IP i.e. any vulnerabilities for a single IP in one ticket
-  #
-  #   - +vulnerability_list+ -  CSV of vulnerabilities within Nexpose.
-  #   - +nexpose_identifier_id+ -  Site/TAG ID the vulnerability list was generate from.
-  #
-  # * *Returns* :
-  #   - List of JSON-formatted tickets for updating within Jira.
-  #
-  def prepare_tickets_by_ip(vulnerability_list, nexpose_identifier_id)
-    @log.log_message('Preparing tickets for IP mode.')
+  def prepare_tickets(vulnerability_list, nexpose_identifier_id, matching_fields)
+    @ticket = Hash.new(-1)
+
+    @log.log_message("Preparing tickets for #{@options[:ticket_mode]} mode.")
     tickets = []
-    current_ip = -1
+    previous_row = nil
+    description = nil
     CSV.parse(vulnerability_list.chomp, headers: :first_row) do |row|
-      if current_ip == -1
-        current_ip = row['ip_address']
+      if previous_row.nil?
+        previous_row = row
+
         @ticket = {
             'fields' => {
                 'project' => {
                     'key' => "#{@jira_data[:project]}" },
-                'summary' => "#{row['ip_address']} => Vulnerabilities",
+                'summary' => @common_helper.get_title(row),
                 'description' => '',
                 'issuetype' => {
                     'name' => 'Task' }
             }
         }
-      end
-      # TODO: Better formatting this.
-      if current_ip == row['ip_address']
-        @ticket['fields']['description'] +=
-        "\n ==============================\n\n
-        #{row['summary']} \n CVSS Score: #{row['cvss_score']}
-        \n\n ==============================\n
-        \n Source: #{row['source']}, Reference: #{row['reference']}
-        \n
-        \n First seen: #{row['first_discovered']}
-        \n Last seen: #{row['most_recently_discovered']}
-        \n Fix:
-        \n #{row['fix']}\n\n #{row['url']}
-        \n
-        \n\n"
-      end
-      unless current_ip == row['ip_address']
-        @ticket['fields']['description'] += "\n\n\n NXID: #{generate_nxid(nexpose_identifier_id, row, current_ip)}"
+        description = @common_helper.get_description(nexpose_identifier_id, row)
+      elsif matching_fields.any? { |x| previous_row[x].nil? || previous_row[x] != row[x] }
+        info = @common_helper.get_field_info(matching_fields, previous_row)
+        @log.log_message("Generated ticket with #{info}")
+
+        @ticket['fields']['description'] = @common_helper.print_description(description)
         tickets.push(@ticket.to_json)
-        current_ip = -1
+        previous_row = nil
+        description = nil
         redo
+      else
+        description = @common_helper.update_description(description, row)
       end
     end
-    @ticket['fields']['description'] += "\n\n\n NXID: #{generate_nxid(nexpose_identifier_id, nil, current_ip)}"
-    tickets.push(@ticket.to_json) unless @ticket.nil?
+
+    unless @ticket.nil? || @ticket.empty?
+      @ticket['fields']['description'] = @common_helper.print_description(description)
+      tickets.push(@ticket.to_json)
+    end
+
+    @log.log_message("Generated <#{tickets.count.to_s}> tickets.")
     tickets
   end
 
@@ -309,13 +252,13 @@ class JiraHelper
     @nxid = nil
     tickets = []
     CSV.parse(vulnerability_list.chomp, headers: :first_row)  do |row|
-      @nxid = generate_nxid(nexpose_identifier_id, nil, row['ip_address'])
+      @nxid = @common_helper.generate_nxid(nexpose_identifier_id, row)
       # Query Jira for the ticket by unique id (generated NXID)
       queried_key = get_jira_key("jql=project=#{@jira_data[:project]} AND description ~ \"NXID: #{@nxid}\" AND (status != #{@jira_data[:close_step_name]})&fields=key")
       if queried_key.nil? || queried_key.empty?
         @log.log_message("Error when closing tickets - query for NXID <#{@nxid}> should have returned a Jira key!!")
       else
-        #Jira uses a post call to the ticket key path to close the ticket. The "prepared batch of tickets" in this case is just a collection Jira ticket key's to close.
+        #Jira uses a post call to the ticket key path to close the ticket. The "prepared batch of tickets" in this case is just a collection Jira ticket keys to close.
         tickets.push(queried_key)
       end
     end
@@ -361,8 +304,7 @@ class JiraHelper
     end
   end
 
-  # Prepare ticket updates from the CSV of vulnerabilities exported from Nexpose. This method batches tickets 
-  # per IP i.e. any vulnerabilities for a single IP in one ticket
+  # Prepare ticket updates from the CSV of vulnerabilities exported from Nexpose.
   #
   #   - +vulnerability_list+ -  CSV of vulnerabilities within Nexpose.
   #   - +nexpose_identifier_id+ -  Site/TAG ID the vulnerability list was generate from.
@@ -371,21 +313,25 @@ class JiraHelper
   #   - List of JSON-formated tickets for updating within Jira.
   #
   def prepare_update_tickets(vulnerability_list, nexpose_identifier_id)
-    fail 'Ticket updates are only supported in IP-address mode.' if @options[:ticket_mode] != 'I'
+    fail 'Ticket updates are not supported in Default mode.' if @options[:ticket_mode] == 'D'
     @log.log_message('Preparing tickets to update.')
     #Jira uses the ticket key to push updates. Since new IPs won't have a Jira key, generate new tickets for all of the IPs found.
-    updated_tickets = prepare_tickets_by_ip(vulnerability_list, nexpose_identifier_id)
+    updated_tickets = prepare_create_tickets(vulnerability_list, nexpose_identifier_id)
+
     tickets_to_send = []
 
     #Find the keys that exist (IPs that have tickets already)
     updated_tickets.each do |ticket|
-      nxid = JSON.parse(ticket)['fields']['description'].squeeze("\n").lines.to_a.last
-      if (nxid.slice! "NXID:").nil?
+      description = JSON.parse(ticket)['fields']['description']
+      nxid_index = description.rindex("NXID")
+      nxid = nxid_index.nil? ? nil : description[nxid_index..-1]
+
+      if (nxid).nil?
         #Could not get NXID from the last line in the description. Do not push the invalid description.
         @log.log_message("Failed to parse the NXID from a generated ticket update! Ignoring ticket <#{nxid}>")
         next
       end
-      queried_key = get_jira_key("jql=project=#{@jira_data[:project]} AND description ~ \"NXID: #{nxid.strip}\" AND (status != #{@jira_data[:close_step_name]})&fields=key")
+      queried_key = get_jira_key("jql=project=#{@jira_data[:project]} AND description ~ \"#{nxid.strip}\" AND (status != #{@jira_data[:close_step_name]})&fields=key")
       ticket_key_pair = []
       ticket_key_pair << queried_key
       ticket_key_pair << ticket
@@ -393,4 +339,4 @@ class JiraHelper
     end
     tickets_to_send
   end
-end
+end