Create Configuration Profile
Create a configuration profile.
Permissions required - Managers with full scope. Other users must have these permissions: Access Permission “API Access” and CA Configuration Profile Permission “Create Configuration Profile”.
Input ParametersInput Parameters
These <ServiceRequest> parameters are used to create/update a configuration profile. Filter operators are available for use with <ServiceRequest> parameters.
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
name |
Mandatory for create and update request |
string |
Name of configuration profile. |
|
description |
Optional |
string |
Description of configuration profile. |
|
priority |
Optional |
integer |
(invalid for create request; optional for update request) Priority of configuration profile in relation to other profiles. Defaults to last maximum priority. (If priority is specified for a create request, the profile will not be created.) Example: If there are 3 configuration profiles a new profile added without priority will be given priority 4. |
|
isDefault |
Mandatory for create request; optional for update request |
integer |
Defaults to 0, i.e. configuration profile not set as the default in the user’s account. Set to 1 to set the configuration profile as the default. |
|
suspendScanning |
Optional |
boolean |
Defaults to false, that is. the Suspend Scanning feature is not enabled. Set to true to enable the Suspend Scanning feature. |
|
preventAgentUpdate |
Optional |
boolean |
Defaults to false, that is the Prevent Agent Update feature is not enabled. Set to true to enable the Prevent Agent Update feature. |
|
inMemoryDbEnabled |
Optional |
boolean |
Defaults to false, that is the In-Memory SQL Databases feature is not enabled. Set to true to enable the In-Memory SQLite Databases feature. |
|
tags |
Mandatory for create request; optional for update request | string |
Tags for the configuration profile. |
|
blackoutConfig |
Optional |
string |
Blackout configuration for the configuration profile. |
|
performanceProfile |
Mandatory for create request; optional for update request | string |
Performance profile configuration blocks using parameters below. |
|
id |
Mandatory for update request; invalid for create request | integer |
ID of the configuration profile you want to update. |
|
vmScanMode |
Optional | string |
Valid values: - AGENTUSER to run VM scan with the same privileges that you have configured for running the Cloud Agent. - SAFE to run VM scan with lower privileges. In this case, Cloud Agent does not run any commands or binary files which require elevated privileges. - DPE to run VM scan with lower privileges, by default. However, the Cloud Agent will dynamically elevate the privileges to root permissions only for the commands that failed due to permissions with lower privileges. |
| Parameters for VM Scans | |||
|
dataCollectionInterval |
Optional | integer |
Time lapse, in minutes, between completion of the previous scan and start of the next scan for the assets associated with this configuration profile. Range: 240-43200 |
|
scanDelay |
Mandatory | integer |
Time added, in minutes, at the start of scanning for new installs and interval scanning. Range: 0-720 Value 0 (zero) means no delay added. |
|
scanRandomize |
Integer |
Range of randomization, in minutes, added to Scan Delay to offset scanning. Range: 0-720 |
|
|
scanOnStartup |
Boolean |
Set this flag to define whether the agent runs the vulnerability scans automatically when the agent service starts.- If set to true, the agent to starts vulnerability scan automatically when agent service start. - If set to false, the agent does not start vulnerability scan automatically when the agent service starts. Note: Scan on startup functionality is supported only for Qualys Agent for Windows 5.1 or later. |
|
| Parameters for PC Scans | |||
|
dataCollectionInterval |
Optional | integer |
Time lapse, in minutes, between completion of the previous scan and start of the next scan for the assets associated with this configuration profile. Range: 240-43200 |
|
scanDelay |
Optional | integer |
Time added, in minutes, at the start of scanning for new installs and interval scanning. Range: 0-720 Value 0 (zero) means no delay added. |
|
scanRandomize |
Optional | integer |
Range of randomization, in minutes, added to Scan Delay to offset scanning. Range: 0-720 |
The parameters for VM and PC scan intervals are optional. However, if you have used the parameters while creating a configuration profiles in API, the parameters with the valid range must be used in API for updating the same configuration profile.
Parameters for all agent OS and versionsParameters for all agent OS and versions
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
INTERVAL_EVENT_STATUS |
Agent Status Interval - Consolidated interval an agent requests information from the platform. Range: 300-86,400 seconds. Recommended: 600 for High performance, 1800 for Normal performance, 2400 for Low performance. |
||
|
INTERVAL_EVENT_UPLOAD_CHANGELIST |
Delta Upload Interval - Interval an agent attempts to upload detected changes. Range: 1-1800 seconds. Recommended: 1 for High performance, 5 for Normal performance, or 10 for Low performance. |
||
|
FILE_UPLOAD_FRAGMENT_SIZE_IN_KB |
Chunk Sizes for File Fragment Uploads - The upload block size, and combined with Delta Upload Interval, determines network utilization. Range: 64-10,240 KB. Recommended: 4096 for High performance, 2048 for Normal performance, 1024 for Low performance. |
||
|
INTERVAL_EVENT_EXECUTE_SETUP |
Upgrade Reattempt Interval - Interval (in seconds) an agent checks the platform for a new upgrade, if configured to do so. Range: 180 seconds or more. Recommended: 300 for Low performance or Normal performance, 180 for High performance. |
||
|
AGENT_LOGGING_LEVEL |
Logging level for agent - The amount and detail of log messages generated by the agent. Value can be Verbose, Info (that is informational), Warn (that is Warning), Error or None. Recommended: Verbose for all performance levels. |
Windows specific parameters (versions 1.5 and above)Windows specific parameters (versions 1.5 and above)
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
| CPU_LIMIT |
CPU Limit - Defines the percentage limit of the processor core(s) used by the agent; lower percentages reduces CPU utilization at the expense of longer execution times. Range: 2-100%. Recommended: 80 for High performance, 20 for Normal performance, 5 for Low performance. |
Linux/Mac specific parameters (versions 1.6 and above)Linux/Mac specific parameters (versions 1.6 and above)
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
| THROTTLE_EVENT_SCAN |
CPU Throttle - Tunes the amount of processing used by the CPU by introducing delays between agent executions: the higher the value, the less CPU utilized at the expense of longer execution times. Range: 0-1,000 milliseconds. Recommended: 0 for High performance, 10 for Normal performance, 20 for Low performance. |
Legacy parameters - deprecated for new agentsLegacy parameters - deprecated for new agents
(Used for Windows 1.4 and below, and Linux/Mac 1.5 and below) These parameters are deprecated for new agents, but still used by older agent versions.
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
INTERVAL_EVENT_DOWNLOAD_SNAPSHOT |
Delta Confirmation Interval - Interval an agent checks platform for confirmation that changes were processed. Range: 60 seconds or more. Recommended: 60 for High performance, 120 for Normal performance, 300 for Low performance. |
||
|
INTERVAL_EVENT_DOWNLOAD_MANIFEST |
Manifest Download Interval - Interval an agent checks platform for new instruction manifests. Range: 60 seconds or more. Recommended: 60 for High performance, 3600 for Normal performance, 10800 for Low performance. |
||
|
INTERVAL_EVENT_CONFIG |
Configuration Download Interval - Interval an agent checks platform for new configuration profiles. Range: 60 seconds or more. Recommended: 60 for High performance, 3600 for Normal performance, 10800 for Low performance. |
||
|
THROTTLE_EVENT_COMM_UPLOAD |
Network throttle Rx - The higher this value (in ms), the slower agent attempts to download from the platform; this combines with the download chunk size to determine network utilization. Range: 0-200 milliseconds. Recommended: 0 for High performance, 10 for Normal performance, 20 for Low performance. |
||
|
THROTTLE_EVENT_COMM_DOWNLOAD |
Network throttle Tx - The higher this value (in ms), the slower agent attempts to upload to the platform; this combines with the upload chunck size to determine network utilization. Range: 0-200 milliseconds. Recommended: 0 for High performance, 10 for Normal performance, 20 for Low performance. |
||
|
FILE_DOWNLOAD_FRAGMENT_SIZE_IN_KB |
Chunk sizes for file fragment downloads - The download block size (in KB), and combined with Network throttle Rx, determines network utilization. Range: 64 or more KB. Recommended: 1024 for all performance levels. |
||
|
INTERVAL_EVENT_CHECK_REVOCATION |
Revocation Interval - Interval an agent checks platform to see if it should uninstall itself. Range: 3600 seconds or more. Recommended: 3600 for all performance levels. |
||
|
INTERVAL_EVENT_PROVISION |
Provisioning Interval - Interval an agent attempts to self repair by reprovisioning with platform. Range: 60 seconds or more. Recommended: 900 for all performance levels. |
||
|
INTERVAL_EVENT_DOWNLOAD_SELF_PATCH |
Upgrade Check Interval - Interval an agent checks platform for a new upgrade. Range: 300 seconds or more. Recommended: 300 for High performance, 3600 for Normal performance, 10800 for Low performance. |
Sample - Create configuration profileSample - Create configuration profile
API request
curl -X POST -H "Content-Type: text/xml" -H "Authorization: Basic AbcdAbcdAbcdAbcdAbcd" -H "Xurl" -H "Cache-Control: no-cache" --data-binary @config_create.xml "<qualys_base_url>/qps/rest/1.0/create/ca/agentconfig/"
Note: “config_create.xml” contains the request POST data.
Contents of config_create.xml
<?xml version="1.0" encoding="UTF-8"?>
<ServiceRequest>
<data>
<AgentConfig>
<name>Config profile created using api</name>
<description>done using api</description>
<priority></priority>
<isDefault>0</isDefault>
<suspendScanning>false</suspendScanning>
<tags>
<includeTags>
<list>
<ConfigTag>
<id>6332818</id>
<name>Tag1</name>
</ConfigTag>
</list>
</includeTags>
<includeResolution>ANY</includeResolution>
<excludeTags></excludeTags>
<excludeResolution>ANY</excludeResolution>
</tags>
<blackoutConfig>
<settings>
<list>
<BlackoutConfig>
<startHour>10</startHour>
<endHour>16</endHour>
<monday>0</monday>
<tuesday>0</tuesday>
<wednesday>1</wednesday>
<thursday>0</thursday>
<friday>0</friday>
<saturday>0</saturday>
<sunday>0</sunday>
</BlackoutConfig>
</list>
</settings>
</blackoutConfig>
<performanceProfile>
<settings>
<list>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_PROVISION</key>
<value>60</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_UPLOAD_CHANGELIST</key>
<value>60</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>FILE_UPLOAD_FRAGMENT_SIZE_IN_KB</key>
<value>666</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>AGENT_LOGGING_LEVEL</key>
<value>Verbose</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>CPU_LIMIT</key>
<value>20</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>THROTTLE_EVENT_COMM_DOWNLOAD</key>
<value>100</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_DOWNLOAD_MANIFEST</key>
<value>200</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>THROTTLE_EVENT_SCAN</key>
<value>0</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>FILE_DOWNLOAD_FRAGMENT_SIZE_IN_KB</key>
<value>1024</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_DOWNLOAD_SELF_PATCH</key>
<value>900</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_EXECUTE_SETUP</key>
<value>222</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_DOWNLOAD_SNAPSHOT</key>
<value>66</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>THROTTLE_EVENT_COMM_UPLOAD</key>
<value>0</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_STATUS</key>
<value>1000</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_CONFIG</key>
<value>66</value>
</PerformanceLevelSettings>
</list>
</settings>
</performanceProfile>
<vmScanInterval>
<dataCollectionInterval>350</dataCollectionInterval>
<scanDelay>220</scanDelay>
<scanRandomize>330</scanRandomize>
<scanOnStartup>true</scanOnStartup>
</vmScanInterval>
<pcScanInterval>
<dataCollectionInterval>251</dataCollectionInterval>
<scanDelay>10</scanDelay>
<scanRandomize>79</scanRandomize>
</pcScanInterval>
<securitySetting>
<vmScanMode>DPE</vmScanMode>
</securitySetting>
</AgentConfig>
</data>
</ServiceRequest>
Response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/1.0/ca/agentconfig.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<AgentConfig>
<id>151889</id>
<name>Config profile created using api</name>
<isDefault>0</isDefault>
<createdDate>2017-02-20T09:35:04Z</createdDate>
<createdBy>My Name</createdBy>
<description>done using api</description>
<tags>
<includeTags/>
<includeResolution>ANY</includeResolution>
<excludeTags/>
<tagSetUuid>f5edf058-c55b-40b8-bc32-
94959ca4304c</tagSetUuid>
</tags>
<suspendScanning>false</suspendScanning>
<preventAgentUpdate>false</preventAgentUpdate>
<totalAgents>0</totalAgents>
<blackoutConfig>
<settings>
<list>
<BlackoutConfig>
<startHour>10</startHour>
<endHour>16</endHour>
<monday>0</monday>
<tuesday>0</tuesday>
<wednesday>1</wednesday>
<thursday>0</thursday>
<friday>0</friday>
<saturday>0</saturday>
<sunday>0</sunday>
</BlackoutConfig>
</list>
</settings>
</blackoutConfig>
<performanceProfile>
<settings>
<list>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_PROVISION</key>
<value>60</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>CPU_LIMIT</key>
<value>20</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_UPLOAD_CHANGELIST</key>
<value>60</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>FILE_UPLOAD_FRAGMENT_SIZE_IN_KB</key>
<value>666</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>AGENT_LOGGING_LEVEL</key>
<value>Verbose</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>THROTTLE_EVENT_COMM_DOWNLOAD</key>
<value>100</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_DOWNLOAD_MANIFEST</key>
<value>200</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>THROTTLE_EVENT_SCAN</key>
<value>0</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>FILE_DOWNLOAD_FRAGMENT_SIZE_IN_KB</key>
<value>1024</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_DOWNLOAD_SELF_PATCH</key>
<value>333</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_EXECUTE_SETUP</key>
<value>222</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_DOWNLOAD_SNAPSHOT</key>
<value>66</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>THROTTLE_EVENT_COMM_UPLOAD</key>
<value>0</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_STATUS</key>
<value>333</value>
</PerformanceLevelSettings>
<PerformanceLevelSettings>
<key>INTERVAL_EVENT_CONFIG</key>
<value>66</value>
</PerformanceLevelSettings>
</list>
</settings>
</performanceProfile>
<securitySetting>
<vmScanMode>DPE</vmScanMode>
</securitySetting>
<vmScanInterval>
<dataCollectionInterval>350</dataCollectionInterval>
<scanDelay>220</scanDelay>
<scanRandomize>330</scanRandomize>
<scanOnStartup>true</scanOnStartup>
</vmScanInterval>
<pcScanInterval>
<dataCollectionInterval>251</dataCollectionInterval>
<scanDelay>10</scanDelay>
<scanRandomize>79</scanRandomize>
</pcScanInterval>
</AgentConfig>
</data>
</ServiceResponse>
XSD
<platform API server>/qps/xsd/1.0/ca/agentconfig.xsd