Qualys API (VM, PC) User Guide

Qualys API (VM, PC)

User Guide Version 10.21

December 02, 2022

Copyright 2018-2022 by Qualys, Inc. All Rights Reserved.

Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.

Qualys, Inc. 919 E Hillsdale Blvd 4th Floor Foster City, CA 94404 1 (650) 801 6100

Table of Contents

Preface................................................................................................................. 8

Welcome ............................................................................................................. 9

API Conventions ...................................................................................................................... 9 Qualys User Account ........................................................................................................ 9

Qualys API Server URL .......................................................................................................... 10 Making API requests .............................................................................................................. 11 API Limits ............................................................................................................................... 12 Tracking API usage by user .................................................................................................. 13 HTTP Response Headers ....................................................................................................... 13 Activity Log ............................................................................................................................. 16

Authentication to your account ...................................................................17

What do I need to know? ...................................................................................................... 17 Using Basic HTTP Authentication ....................................................................................... 17 Using Session Based Authentication ................................................................................... 18 Session Login .......................................................................................................................... 21 Session Logout ....................................................................................................................... 23

Scans ..................................................................................................................25

VM Scans ................................................................................................................................ 26 VM Scan List .................................................................................................................... 26 Launch VM Scan ............................................................................................................. 29 Launch VM Scan on EC2 assets ..................................................................................... 31 Manage VM Scans ........................................................................................................... 34

Compliance Scans ................................................................................................................. 37 Compliance Scan List ..................................................................................................... 38 SCAP Scan List ................................................................................................................. 39 Launch Compliance Scan ............................................................................................... 41 Launch Compliance Scan on EC2 assets ...................................................................... 42 Manage Compliance Scans ............................................................................................ 44

Cloud Perimeter Scans .......................................................................................................... 47 Create/Update Cloud Perimeter Scan ........................................................................... 47

VM Scan Schedules ............................................................................................................... 50 PC Scan Schedules ................................................................................................................. 61 Scan List Parameters ............................................................................................................. 71 Scan Parameters .................................................................................................................... 73 Cloud Perimeter Scan Parameters ....................................................................................... 78 Scan Schedule Parameters ................................................................................................... 82 VM Scan Statistics ................................................................................................................. 86 VM Scan Summary ................................................................................................................ 89

Scan Summary ..................................................................................................................... 100 Scanner Details .................................................................................................................... 103 Share PCI Scan ..................................................................................................................... 105 Discovery Scans (maps) ...................................................................................................... 109

Scan Configuration........................................................................................ 118

Scanner Appliance List ....................................................................................................... 119 Manage Virtual Scanner Appliances ................................................................................. 124 Update Physical Scanner Appliance .................................................................................. 129 Replace Scanner Appliance ................................................................................................ 132 Scanner Appliance VLANs and Static Routes ................................................................... 134 Option Profile Export ........................................................................................................... 139 Option Profile Import .......................................................................................................... 149 Option Profiles for VM ......................................................................................................... 156 Option Profiles for PCI ......................................................................................................... 171 Option Profiles for Compliance .......................................................................................... 179 KnowledgeBase .................................................................................................................... 200 KnowledgeBase QVS Download in JSON Format .............................................................. 206 Editing Vulnerabilities ......................................................................................................... 208 Static Search Lists ................................................................................................................ 211 Dynamic Search Lists .......................................................................................................... 216 Vendor IDs and References ................................................................................................ 227

Scan Authentication.................................................................................... 230

User Permissions Summary ............................................................................................... 231 List Authentication Records ............................................................................................... 232 List Authentication Records by Type ................................................................................ 234 Application Server Records ................................................................................................. 238 Azure MS SQL Record .......................................................................................................... 243 Docker Record ...................................................................................................................... 248 HTTP Record ......................................................................................................................... 251 IBM DB2 Record .................................................................................................................... 254 InformixDB Record .............................................................................................................. 259 Infoblox Record .................................................................................................................... 264 JBoss Server record .............................................................................................................. 270 Kubernetes Record ............................................................................................................... 274 MariaDB Record ................................................................................................................... 277 Microsoft SharePoint Record .............................................................................................. 281 MongoDB Record .................................................................................................................. 291 MS Exchange Server ............................................................................................................ 299 MS SQL Record ..................................................................................................................... 304 MySQL Record ...................................................................................................................... 313 Neo4j Record ........................................................................................................................ 320 Nginx Record ........................................................................................................................ 325

Oracle Record ....................................................................................................................... 329 System created Oracle records .................................................................................... 334

Oracle Listener Record ........................................................................................................ 337 Oracle WebLogic Server Record ......................................................................................... 339 Palo Alto Firewall Record .................................................................................................... 342 Pivotal Greenplum Record .................................................................................................. 346 PostgreSQL Record ............................................................................................................... 353 SAP Hana Record ................................................................................................................. 360 SAP IQ Record ...................................................................................................................... 365 SNMP Record ........................................................................................................................ 370 Sybase Record ...................................................................................................................... 375 Unix Record .......................................................................................................................... 381 Network SSH Record ........................................................................................................... 393 VMware Record .................................................................................................................... 398 Windows Record .................................................................................................................. 403 Oracle HTTP Server Record ................................................................................................ 411 vCenter - ESXi Mapping Records ........................................................................................ 421

Vault Support................................................................................................ 427

Vault Support matrix .......................................................................................................... 427 Vault Definition ................................................................................................................... 433 List Vaults ............................................................................................................................. 440 Manage Vaults ..................................................................................................................... 443

Assets.............................................................................................................. 454

IP List ..................................................................................................................................... 455 Add IPs .................................................................................................................................. 458 Update IPs ............................................................................................................................. 460 Host List ................................................................................................................................ 464 Host Update ......................................................................................................................... 476 Host List Detection .............................................................................................................. 480 Host List Detection - Normalized Data ............................................................................. 502 Host List Detection - Use Cases ......................................................................................... 502 Host List Detection - Best Practices ................................................................................... 504 Excluded Host List ............................................................................................................... 504 Excluded Hosts Change History ......................................................................................... 507 Manage Excluded Hosts ...................................................................................................... 510 Virtual Host List ................................................................................................................... 514 Manage Virtual Hosts .......................................................................................................... 515 Restricted IPs List ................................................................................................................ 518 Manage Restricted IPs ......................................................................................................... 519 Asset Group List ................................................................................................................... 522 Manage Asset Groups .......................................................................................................... 525 Purge Hosts ........................................................................................................................... 530

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download

To fulfill the demand for quickly locating and searching documents.

It is intelligent file search solution for home and business.

Literature Lottery

Related download
Related searches

©2024 5y1.org, Inc. All rights reserved.