1. home icon for breadcrumbs >
  2. On Demand Scan

On Demand Scan

On Demand Scan feature launches the immediate scan on agent host, if the Cloud Agent is not performing any scan on the same application. The On Demand Scan runs independently of the interval scan that you configure in the Configuration Profile and resets the scan interval on the agent after a successful scan.

Prerequisite: The Cloud Agent must be activated for the application for which you want to launch the On Demand Scan. When activated, the Cloud Agent downloads manifests for that application from the Qualys Cloud Platform. If the manifest for the application is not available, then Cloud Agent does not launch the scan.

Use the cloudagentctl.sh script to launch the On Demand Scan. Following is the command to configure scan parameters.

># ./cloudagentctl.sh action={demand} type=<app type>

cputhrottle={0-1000}

Where action and type are mandatory parameters.

action is demand, meaning an On Demand Scan.

type is the application for which you want to run the scan (the agent must be activated for the respective application).

cputhrottle is the amount of CPU used for Cloud Agent execution. The higher the CPU throttle value less CPU is used at the expense of higher execution time. The range for CPU throttle is 0-1000. Default value is set at 0, which means no throttling.

Cloud Agent for Gentoo Linux is available only for Vulnerability Management (VM) hence, you can launch On Demand Scan only for VM.

For example, use the following command to initiate an on-demand scan for vulnerability management (VM) without throttling.

/usr/local/qualys/cloud-agent/bin/cloudagentctl.sh action=demand type=vm cputhrottle=0

The script calls the agent to run asynchronously in the background and returns to the shell prompt. The script prints a ControlId that you can track in the log file. The ControlId is the time-stamp of the script initiation.

For example, On-Demand-Request ControlId: 20240228164415.0.

The scan logs for On Demand Scans and Interval Scans are stored at the same location. /var/log/qualys/qualys-cloud-agent.log

If the agent is currently performing an interval scan for the same application, the On Demand Scan waits for the currently running scan to finish. The script prints a log line with the following status.

2024-02-28 15:11:36.474 [qualys-cloud-agent][9710]:[Information]:[123456789123456]:Interval Event of same type is in progress with state INTERVAL_EVENT_SCAN

2024-02-28 15:11:36.474 [qualys-cloud-agent][9710]:[Information]:[123456789123456]:OnDemand request for Control ID: 20240427151136.0 will be delayed.

If the script shows an error that the manifest file is not present, check whether the Cloud Agent is activated for that particular application. If Cloud Agent is activated but you still get manifest-related errors, the agent may not have downloaded the manifest for that application. You can manually force a manifest download by deactivating and then reactivating the agent for that application from the Cloud Agent user interface. If that does not solve the issue, contact Qualys Support.

Once an On Demand Scan is completed, the scan results are logged in the log file located at: /var/log/qualys/qualys-cloud-agent.log.

 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.