Command Line Options
qualys-cloud-agent.sh supports these command line options.
| Configuration option | Description |
|---|---|
| ActivationId | A valid activation key ID (UUID). This value is obtained from the Cloud Agent UI (go to Activation Keys, select a key then View Key Info). This parameter is required to provision an agent. |
| CustomerId | A valid customer ID (UUID). This value is obtained from the Cloud Agent UI (go to Activation Keys, select a key then Install Agent). This parameter is required to provision an agent. |
| LogLevel | A log level (0-5). A higher value corresponds to more verbosity. Default is mapped to information (3). 0 - mapped to fatal 1 - mapped to error 2 - mapped to warning 3 - mapped to information 4 - mapped to debug 5 - mapped to trace In a debug/trace mode, the log file may contain sensitive command-line parameters or passwords for configuration files, if the passwords are in clear-text format. Qualys recommends you use a password vault or token-based authentication instead of storing passwords in the configuration file. Storing passwords in configuration files can result in non-compliance with ISO, SOC, PCI-DSS, HIPAA, and FedRAMP guidelines. |
| LogFileDir | A full path to the log file. By default the path is /var/log/qualys/ |
| UseSudo | Set to 1 to run all data collection commands using the sudo escalation method. By default sudo is not used (0). Limitations of using UseSudo=1 |
| SudoCommand | A command for privilege escalation such as SudoCommand pbrun. If the command has spaces it must be double quoted. |
| User | A valid username if you want the daemon to run as a certain user. The daemon will start as root but will drop to the specified user, and continue running as the specified user. |
| Group | A valid group name if you want the daemon to run as a certain group. The daemon will switch to the specified group (if any). |
| HostIdSearchDir | (Available using Linux Agent 1.3.3 and later) The directory where the host ID file is located. This file contains a host ID tag assigned to the system by Qualys. By default the directory is /etc/ and the location of the host ID file is /etc/qualys/hostid |
| LogDestType | (Available using Linux Agent 1.3.3 and later) The destination of log lines generated by Linux Agent. Set to file or syslog. If set to file specify the location of the log file. By default the destination is a log file:/var/log/qualys/qualys-cloud-agent.log
|
| ServerUri | Use this option to migrate the agent from one Qualys subscription to another (on same POD or PCP). ServerUri takes the URL of the Qualys shared Pod or PCP you want to migrate the Agent to, in the following format:ServerUri=<http_url>/CloudAgentwhere<http_url> is the URL of the Qualys shared Pod or PCP. If the subscription is on the same POD, the ServerUri is the same. Use this option along with ActivationId and CustomerId in order to move the agent to another Qualys shared Pod or PCP. The agent requires the appropriate Activation ID and Customer ID that are on the new subscription/platform. The original IDs cannot be used as they are unique per subscription. |
| CmdMaxTimeOut | Execution of a command is dropped if the time taken to execute is more than the specified value. Default timeout is 1800 seconds (30 minutes). |
| ProcessPriority | Specify the Linux niceness scale between -20 to 19 to set a priority for the Qualys cloud agent process. The lower the number the more priority the agent process gets. Default value is zero. |
| UseAuditDispatcher | Set UseAuditDispatcher to 1 if you want to run FIM along with auditd enabled. Agent version 2.0.2 required auditd to be disabled on the host. These agents when upgraded to 2.1 through selfpatch retain this setting where UseAuditDispatcher is set to 0.Agents with 1.x version are set with UseAuditDispatcher=1 on selfpatch to 2.1. Fresh installation of 2.1 agent comes with UseAuditDispatcher=1 (by default) where you can run FIM along with auditd enabled.
|
| QualysProxyOrder | If you are using multiple proxies, set the proxy order to be sequential or random. Sequential: QualysProxyOrder=sequential OR QualysProxyOrder=seqRandom: QualysProxyOrder=random
|
| MaxRandomScanInterval | (This is supported for Agent version between 2.6.4 to 3.3) This option will enabled the Agent to upload at the configured VM scan interval and adding a randomized interval. The random interval can be any value between 0 and the configured MaxRandomScanInterval seconds. MaxRandomScanInterval can be set to any value between 0 (default) to 4294967295.
|
| ScanDelayVM | (This is supported for Agent version greater than or equal to 4.6) The time added to the start of vm scanning for new installs and new manifest download. Default value is 0 (zero) and that means no delay added. Range is between 0 to 43200. |
| ScanDelayPC | (This is supported for Agent version greater than or equal to 4.6) The time added to the start of pc scanning for new installs and new manifest download. Default value is 0 (zero) and that means no delay added. Range is between 0 to 43200. |
| MaxRandomScanIntervalVM | (This is supported for Agent version greater than or equal to 4.6) This option will enabled the Agent to upload at the configured VM scan interval and adding a randomized interval. The random interval can be any value between 0 and the configured MaxRandomScanIntervalVM seconds. MaxRandomScanIntervalVM can be set to any value between 0 (default) to 43200. |
| MaxRandomScanIntervalPC | (This is supported for Agent version greater than or equal to 4.6) This option will enabled the Agent to upload at the configured PC scan interval and adding a randomized interval. The random interval can be any value between 0 and the configured MaxRandomScanIntervalPC seconds. MaxRandomScanIntervalPC can be set to any value between 0 (default) to 43200.
|
| ProxyFailOpen | Set the ProxyFailOpen to 1 to enable the proxy failover behavior as described in the Multiple Proxy Server support in Proxy URL (Linux Agent 2.5 or later) section.
Note: This is applicable for the Cloud Agent for Linux version 6.2 and later. |