Qualys API (VM, PC) User Guide

Qualys API

(VM, PC)

User Guide

Version 10.28

June 28, 2024

Copyright 2018-2024 by Qualys, Inc. All Rights Reserved.

Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks

are the property of their respective owners.

Qualys, Inc.

919 E Hillsdale Blvd

4th Floor

Foster City, CA 94404

1 (650) 801 6100

Table of Contents

Preface................................................................................................................. 9

Welcome ........................................................................................................... 10

API Conventions .................................................................................................................... 10

Qualys User Account ...................................................................................................... 10

Qualys API Server URL .......................................................................................................... 11

Making API requests .............................................................................................................. 12

API Limits ............................................................................................................................... 13

Tracking API usage by user .................................................................................................. 14

HTTP Response Headers ....................................................................................................... 14

Activity Log ............................................................................................................................. 17

Authentication to your account ...................................................................18

What do I need to know? ...................................................................................................... 18

Using Basic HTTP Authentication ....................................................................................... 18

Using Session Based Authentication ................................................................................... 19

Session Login .......................................................................................................................... 22

Session Logout ....................................................................................................................... 24

Scans ..................................................................................................................26

VM Scans ................................................................................................................................ 27

VM Scan List .................................................................................................................... 27

List Last ¡®N¡¯ Scan References for a Schedule ............................................................... 30

Launch VM Scan ............................................................................................................. 33

Launch VM Scan on EC2 assets ..................................................................................... 35

Manage VM Scans ........................................................................................................... 38

Compliance Scans ................................................................................................................. 41

Compliance Scan List ..................................................................................................... 42

List Last ¡®N¡¯ Scan References for a Schedule ............................................................... 43

SCAP Scan List ................................................................................................................. 46

Launch Compliance Scan ............................................................................................... 48

Launch Compliance Scan on EC2 assets ...................................................................... 49

Manage Compliance Scans ............................................................................................ 51

Cloud Perimeter Scans .......................................................................................................... 54

Create/Update Cloud Perimeter Scan ........................................................................... 54

VM Scan Schedules ............................................................................................................... 57

PC Scan Schedules ................................................................................................................. 68

Scan List Parameters ............................................................................................................. 78

Scan Parameters .................................................................................................................... 80

Cloud Perimeter Scan Parameters ....................................................................................... 85

Scan Schedule Parameters ................................................................................................... 89

Verity Confidential

VM Scan Statistics ................................................................................................................. 93

VM Scan Summary ................................................................................................................ 96

Scan Summary ..................................................................................................................... 107

Scanner Details .................................................................................................................... 110

Share PCI Scan ..................................................................................................................... 112

Discovery Scans (maps) ...................................................................................................... 116

Scan Configuration....................................................................................... 129

Scanner Appliance List ....................................................................................................... 130

Manage Virtual Scanner Appliances ................................................................................. 135

Update Physical Scanner Appliance .................................................................................. 140

Replace Scanner Appliance ................................................................................................ 144

Scanner Appliance VLANs and Static Routes ................................................................... 146

Option Profile Export ........................................................................................................... 151

Option Profile Import .......................................................................................................... 164

Option Profiles for VM ......................................................................................................... 174

Option Profiles for PCI ......................................................................................................... 191

Option Profiles for Compliance .......................................................................................... 199

KnowledgeBase .................................................................................................................... 221

KnowledgeBase QVS Download in JSON Format .............................................................. 227

Editing Vulnerabilities ......................................................................................................... 230

Static Search Lists ................................................................................................................ 233

Dynamic Search Lists .......................................................................................................... 238

Vendor IDs and References ................................................................................................ 249

Manage Containerized Scanner Appliance ....................................................................... 252

Create New Containerized Scanner Appliance .......................................................... 252

List Containerized Scanner Appliance ........................................................................ 254

Update Containerized Scanner Appliance ................................................................. 257

Delete Containerized Scanner Appliance ................................................................... 260

Scan Authentication.....................................................................................262

User Permissions Summary ............................................................................................... 263

List Authentication Records ............................................................................................... 264

List Authentication Records by Type ................................................................................ 266

Apache Cassandra Record .................................................................................................. 271

Application Server Records ................................................................................................. 277

Azure MS SQL Record .......................................................................................................... 282

Cisco APIC 4.x Authentication Record ............................................................................... 287

DNS BIND Authentication Record ..................................................................................... 294

Docker Record ...................................................................................................................... 300

HTTP Record ......................................................................................................................... 303

IBM DB2 Record .................................................................................................................... 306

InformixDB Record .............................................................................................................. 311

Infoblox Record .................................................................................................................... 316

JBoss Server record .............................................................................................................. 322

Kubernetes Record .............................................................................................................. 326

MariaDB Record ................................................................................................................... 329

MarkLogic Record ................................................................................................................ 333

Microsoft SharePoint Record .............................................................................................. 340

MongoDB Record ................................................................................................................. 350

System created MongoDB records .............................................................................. 353

MS Exchange Server ............................................................................................................ 360

MS SQL Record ..................................................................................................................... 365

MySQL Record ...................................................................................................................... 375

Neo4j Record ........................................................................................................................ 382

Nginx Record ........................................................................................................................ 387

Oracle Record ....................................................................................................................... 391

System created Oracle records .................................................................................... 397

Oracle Listener Record ........................................................................................................ 399

Oracle WebLogic Server Record ......................................................................................... 401

Palo Alto Firewall Record .................................................................................................... 404

Pivotal Greenplum Record .................................................................................................. 408

PostgreSQL Record ............................................................................................................... 415

SAP Hana Record ................................................................................................................. 422

SAP IQ Record ...................................................................................................................... 427

SNMP Record ........................................................................................................................ 432

Sybase Record ...................................................................................................................... 437

Unix Record .......................................................................................................................... 443

Network SSH Record ........................................................................................................... 460

VMware Record .................................................................................................................... 467

Windows Record .................................................................................................................. 473

Oracle HTTP Server Record ................................................................................................ 481

vCenter - ESXi Mapping Records ........................................................................................ 491

Vault Support................................................................................................ 497

Vault Support matrix .......................................................................................................... 497

Vault Definition ................................................................................................................... 504

List Vaults ............................................................................................................................. 511

Manage Vaults ..................................................................................................................... 514

Assets.............................................................................................................. 525

IP List ..................................................................................................................................... 526

Add IPs .................................................................................................................................. 529

Update IPs ............................................................................................................................. 531

Host List ................................................................................................................................ 535

Host Update ......................................................................................................................... 548

Host List Detection .............................................................................................................. 552

Host List Detection - Normalized Data ............................................................................. 578

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download