Managing Automatic Applications

Overview

Nexus IQ Server 1.45 and above optionally support the automatic creation of applications when an application is analyzed for the first time. These applications are associated with a designated parent organization that can be configured using the configuration UI.

If the automatic creation of applications is enabled when an application is analyzed by the Nexus IQ CLI, the application will be automatically created if it does not exist.  As of Nexus IQ v.143, you may include the organization ID parameter when scanning to specify which organization you wish to add the application to. The organization ID can be found using the Organization REST API or through the Orgs and Policies tab of the UI.

This will override the parent organization configured below.  See the CLI documentation for details. 

A user needs the Evaluate Applications permission in the designated parent organization to be able to automatically create applications, which requires them to have the correct role.

Configuring Automatic Application Creation

In order to enable this feature, it must be configured by a user with the Manage Automatic Application Creation permission. This new permission has been added to the built-in Policy Administrator role, but will need to be added manually to custom roles if desired.

To configure automatic applications, follow the instructions below:

  1. Log into the IQ Server with a user that has the Manage Automatic Application Creation permission. This may be a user that has a Policy Administrator role.
  2. Click the System Preferences icon   located in the top right of the header.
  3. Choose Automatic Applications from the drop-down menu. The Automatic Applications configuration page will now be displayed.
  4. You can now make changes to the automatic applications configuration:
    1. The Automatic Application Creation toggle will allow you to enable or disable automatic application creation globally.
    2. The Parent Organization selects the organization that will be the parent of all subsequent automatically-created applications. You may need to create an organization if there are none available for selection.
  5. Click the Update button to save your changes or Cancel to reset your local changes.


Changes to automatic application configuration will only impact those applications created after the changes have been saved. Previous automatically created applications will not be changed and will keep their original parent organization.