SolarWinds Web Help Desk (WHD) Integration
Faraday's SolarWinds integration allows you to export confirmed vulnerabilities
to Web Help Desk (WHD) from SolarWinds as incidents. Vulnerabilities are sent
using the WHD Incident table with configurable templates for incident
description formatting.
Availability: Commercial feature (requires licensed Faraday instance).
Verified against: Faraday Server v5.19.0 codebase, wiki doc dated
2023-01-26.
Overview
| Feature |
Details |
| Export vulnerabilities as WHD incidents |
Yes |
| Jinja2 template for incident description |
Yes |
| Credential override at send time |
Yes |
| Authentication |
URL + API Key |
Prerequisites
- A running Faraday Server instance (commercial edition)
- A SolarWinds Web Help Desk instance
- A WHD API Key for authentication
- Network connectivity between Faraday Server and WHD
Access Settings
- Log in to the Faraday Web UI.
- Click your username at the top-right and select Settings.
- Navigate to Ticketing Tools and select Web Help Desk / SolarWinds.
| Field |
Description |
Example |
| URL |
Web Help Desk instance URL |
https://whd.example.com |
| API Key |
API key generated in your SolarWinds instance |
your-api-key-here |
Select Template
Select a template from the dropdown. A default template is pre-loaded in your
Faraday instance.
Templates are stored at:
/home/faraday/.faraday/integrations_templates/
Default Template
{# This is a Template for Faraday SolarWinds Integration #}
{# Pre-Flight Adjustments #}
{% set issuetracker_config = 'solar winds' %}
{% set http_size_config = 4096 %}
{% if 'med' in vuln.severity %}
{% set corrected_severity = 'Medium' %}
{% else %}
{% set corrected_severity = vuln.severity %}
{% endif %}
{# Issue template structure #}
{% if 'VulnerabilityWeb' in vuln.type %}
# [{{ corrected_severity | capitalize }}] {{ vuln.name }} - ({{ vuln.path }})
{% else %}
# [{{ corrected_severity | capitalize }}] {{ vuln.name }}
{% endif %}
## Description
{{ vuln.desc }}
#### This issue has been rated as: `{{ corrected_severity | capitalize }}`
Affected Asset: {{ vuln.target }}
{% if vuln.website %}
Affected URL: {{ vuln.website }}{{ vuln.path }}
{% endif %}
{% if vuln.hostnames %}
#### Hostnames
{% for hostname in vuln.hostnames %}
- {{ hostname }}
{% endfor %}
{% endif %}
## Recommendations
{{ vuln.resolution }}
{% for ref in vuln.refs %}
- {{ ref }}
{% endfor %}
{% if vuln.easeofresolution %}
#### Estimated ease of resolution
{{ vuln.easeofresolution | capitalize }}
{% endif %}
### Technical Details
{% if vuln.data %}
#### Proof of Concept
{{ vuln.data }}
{% endif %}
{% if vuln.request %}
#### Request
{{ vuln.request | truncate(http_size_config, False, '...', 0) }}
{% endif %}
{% if vuln.response %}
#### Response
{{ vuln.response | truncate(http_size_config, False, '...', 0) }}
{% endif %}
## Issue [{{ vuln.id }}] {{ vuln.name }} [{{ vuln.status }}]
{% for key, value in vuln.issuetracker_json.items() %}
{% if issuetracker_config in key %}
This issue has already been reported in this platform:
- {{ key | capitalize }}
{% for line in value %}
- Issue: {{ line.url }}
{% endfor %}
{% endif %}
source: created by {{ vuln.owner or "faraday" }} using {{ vuln.tool }} - {{ vuln.external_id }} - {{ vuln.date }}
{% endfor %}
{# end of file #}
Template Configuration Directives
| Directive |
Value |
Purpose |
issuetracker_config |
'solar winds' |
Identifies the integration for issuetracker reference lookups |
http_size_config |
4096 |
Max characters for HTTP request/response fields |
Template Variables
The following vulnerability fields are available via the vuln object:
| Variable |
Description |
vuln.id |
Faraday vulnerability ID |
vuln.name |
Vulnerability name |
vuln.desc |
Description |
vuln.severity |
Severity level (critical, high, med, low, info) |
vuln.status |
Current status (open, closed, re-opened, risk-accepted) |
vuln.target |
Affected asset/host |
vuln.type |
Vulnerability type (e.g., VulnerabilityWeb) |
vuln.website |
Website URL (web vulns only) |
vuln.path |
URL path (web vulns only) |
vuln.hostnames |
List of associated hostnames |
vuln.resolution |
Recommended remediation |
vuln.refs |
List of references |
vuln.easeofresolution |
Estimated ease of resolution |
vuln.data |
Proof of concept / technical data |
vuln.request |
HTTP request (web vulns only) |
vuln.response |
HTTP response (web vulns only) |
vuln.tool |
Tool that discovered the vulnerability |
vuln.owner |
Vulnerability owner/creator |
vuln.external_id |
External identifier |
vuln.date |
Discovery date |
vuln.issuetracker_json |
Dict of issue tracker references |
Step 3: Export Vulnerabilities to Web Help Desk
- In the Faraday Web UI, go to Manage > Vulns.
- Select one or more confirmed vulnerabilities.
- Click Tools (context menu) and select Web Help Desk from Solar Winds.
- A dialog appears with two options:
- Use default data: Uses the URL and API Key saved in Settings.
- Override credentials: Check the override box and enter custom
WHD URL and API Key for this export.
- Click OK to send the vulnerabilities.
Tracking Exported Vulnerabilities
- Add the issuetracker column to the vulnerability table to see links
to created WHD incidents.
- Click the link to open the incident directly in Web Help Desk.
- The
issuetracker_json field provides structured details (incident URL, ID)
and can be used in Executive Reports.
Permissions
| Permission Unit |
ID |
Group |
Description |
web_help_desk |
18 |
integrations |
Web Help Desk integration CRUD operations |
active_integrations |
19 |
integrations |
View/manage active integrations |
integrations_auth |
41 |
integrations |
Integration authentication management |
Role-Based Access
| Role |
CREATE |
READ |
UPDATE |
DELETE |
| Admin |
Yes |
Yes |
Yes |
Yes |
| Asset Owner |
Varies |
Varies |
Varies |
Varies |
| Pentester |
Yes |
Yes |
Yes |
Yes |
| Client |
Limited |
Limited |
Limited |
Limited |
Data Model
Vulnerability Fields
| Field |
Type |
Purpose |
issuetracker |
Text (JSON) |
Stores WHD incident reference |
issuetracker_json |
JSON (API) |
Structured incident details for API/reports |
Note: Web Help Desk does not have a dedicated UserToken scope.
Authentication is handled via API Key in the configuration settings.
Troubleshooting
| Problem |
Possible Cause |
Solution |
| Cannot connect to WHD |
Invalid URL or API Key |
Verify the WHD URL and API Key are correct |
| Incidents not created |
Network issue |
Ensure Faraday Server can reach the WHD instance |
| Template errors |
Invalid Jinja2 syntax |
Review template syntax; test with the default template |
| API Key rejected |
Key expired or revoked |
Generate a new API Key in your SolarWinds instance |
Changelog
| Date |
Change |
| 2023-01-26 |
Original wiki documentation published |
| 2026-02-27 |
Updated: verified against v5.19.0 codebase, added permissions model (UNIT_WEB_HELP_DESK ID 18), data model details, template variable reference, role-based access, expanded troubleshooting |
Source References
- Wiki source:
repos/faraday-wiki/docs/integration-solarwinds.md
- Permission definitions:
faraday/server/utils/permissions.py — UNIT_WEB_HELP_DESK
- Configuration model:
faraday/server/models.py (line ~3641)
- VulnerabilityGeneric model:
faraday/server/models.py (line ~1431) — issuetracker
- Vulnerability schema:
faraday/server/api/modules/vulns_base.py (line ~299) — issuetracker serialization
- Custom roles migration:
faraday/migrations/versions/a29d52685b58_custom_roles.py — permission unit ID 18
