Qualys API (VM, PC) User Guide

User Guide Version 10.20

August 2, 2022

Copyright 2018-2022 by Qualys, Inc. All Rights Reserved.

Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.

Qualys, Inc. 919 E Hillsdale Blvd 4th Floor Foster City, CA 94404 1 (650) 801 6100

Table of Contents

Preface

Welcome
  API Conventions
    Qualys User Account
  Qualys API Server URL
  Making API requests
  API Limits
  Tracking API usage by user
  HTTP Response Headers
  Activity Log

Authentication to your account
  What do I need to know?
  Using Basic HTTP Authentication
  Using Session Based Authentication
  Session Login
  Session Logout

Scans
  VM Scans
    VM Scan List
    Launch VM Scan
    Launch VM Scan on EC2 assets
    Manage VM Scans
  Compliance Scans
    Compliance Scan List
    SCAP Scan List
    Launch Compliance Scan
    Launch Compliance Scan on EC2 assets
    Manage Compliance Scans
  Cloud Perimeter Scans
    Create/Update Cloud Perimeter Scan
  VM Scan Schedules
  PC Scan Schedules
  Scan List Parameters
  Scan Parameters
  Cloud Perimeter Scan Parameters
  Scan Schedule Parameters
  VM Scan Statistics
  VM Scan Summary
  Scan Summary
  Scanner Details
  Share PCI Scan
  Discovery Scans (maps)

Scan Configuration
  Scanner Appliance List
  Manage Virtual Scanner Appliances
  Update Physical Scanner Appliance
  Replace Scanner Appliance
  Scanner Appliance VLANs and Static Routes
  Option Profile Export
  Option Profile Import
  Option Profiles for VM
  Option Profiles for PCI
  Option Profiles for Compliance
  KnowledgeBase
  KnowledgeBase QVS Download in JSON Format
  Editing Vulnerabilities
  Static Search Lists
  Dynamic Search Lists
  Vendor IDs and References

Scan Authentication
  User Permissions Summary
  List Authentication Records
  List Authentication Records by Type
  Application Server Records
  Azure MS SQL Record
  Docker Record
  HTTP Record
  IBM DB2 Record
  InformixDB Record
  Infoblox Record
  JBoss Server record
  Kubernetes Record
  MariaDB Record
  Microsoft SharePoint Record
  MongoDB Record
  MS Exchange Server
  MS SQL Record
  MySQL Record
  Neo4j Record
  Nginx Record
  Oracle Record
    System created Oracle records
  Oracle Listener Record
  Oracle WebLogic Server Record
  Palo Alto Firewall Record
  Pivotal Greenplum Record
  PostgreSQL Record
  SAP Hana Record
  SAP IQ Record
  SNMP Record
  Sybase Record
  Unix Record
  Network SSH Record
  VMware Record
  Windows Record
  Oracle HTTP Server Record
  vCenter - ESXi Mapping Records

Vault Support
  Vault Support matrix
  Vault Definition
  List Vaults
  Manage Vaults

Assets
  IP List
  Add IPs
  Update IPs
  Host List
  Host Update
  Host List Detection
  Host List Detection - Normalized Data
  Host List Detection - Use Cases
  Host List Detection - Best Practices
  Excluded Host List
  Excluded Hosts Change History
  Manage Excluded Hosts
  Virtual Host List
  Manage Virtual Hosts
  Restricted IPs List
  Manage Restricted IPs
  Asset Group List
  Manage Asset Groups
  Purge Hosts
  Patch List

IPv6 Assets
  API Support for IPv6 Asset Management and Scanning
  IPv6 Mapping Record List
  Add IPv6 Mapping Records

Networks
  Network List
  Create Network
  Update Network
  Assign Scanner Appliance to Network

Reports
  Report List
  Launch Report
    Launching Reports Using Asset Tags
    Launching and Fetching Compliance Reports in CSV Format
  Report Template List
  Launch Scorecard
  Cancel Running Report
  Download Saved Report
  Delete Saved Report
  Scheduled Reports List
  Launch Scheduled Report
  Asset Search Report

VM Report Templates
  API Support for Report Templates
  Scan Template
    Cloud Asset Metadata Fields in CSV Format
    Cloud Asset Metadata Fields in XML Format
  PCI Scan Template
  Patch Template
  Map Template

VM Remediation Tickets
  Remediation Tickets overview
  Ticket Parameters
  View Ticket List
  Edit Tickets
  Delete Tickets
  View Deleted Ticket List
  Get Ticket Information
  Set Vulnerabilities to Ignore on Hosts

Compliance
  Compliance Control List
  Compliance Policy List
  Compliance Policy - Export
  Compliance Policy - Import
  Compliance Policy - Merge
  Compliance Policy - Manage Asset Tags
  Compliance Policy - Manage Asset Groups
  Compliance Posture Information
    PC Posture Information APIs
    PC Posture Streaming APIs
    Get Policy List
    Resolve Host IDs
    Get Posture Info
  Control Criticality
  Exceptions
  SCAP Cyberscope Report
  SCAP ARF Report
  SCAP Policy List

Users and Activity Log
  User List
  Add/Edit User
  User Registration Process
  Accept Qualys EULA
  Activate/Deactivate Users
  User Password Change
  Export User Activity Log

Appendix A - API Documentation

Appendix B - Ports used for scanning

Appendix C - Scan Results JSON

Appendix D - Error Codes / Descriptions
  PCRS Error Codes

Appendix E - Streaming Posture API Client Sample Code (Python)

Index

Preface

Using the Qualys API, third parties can integrate their own applications with Qualys cloud security and compliance solutions using an extensible XML interface. The APIs described in this guide are available to customers using Qualys Cloud Platform (VM, PC).

About Qualys

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions. The Qualys Cloud Platform and its integrated apps help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications.

Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). For more information, please visit .

Contact Qualys Support

Qualys is committed to providing you with the most thorough support. Through online documentation, telephone help, and direct email support, Qualys ensures that your questions will be answered in the fastest time possible. We support you 7 days a week, 24 hours a day. Access support information at support/.


In order to avoid copyright disputes, this page is only a partial summary.
