Execute Scripts On Demand API

Execute the script on demand by using script ID.

POST/sm/v1/scripts/{scriptId}/execute

Input ParametersInput Parameters

Parameter Sub-Parameters Mandatory/
Optional
Data Type Description

assetTagIds

 

 Optional

String

Multiple comma-separated asset tag IDs can be provided.

testMode 

 

 Optional

String

The script execution through public API is supported in production mode and evaluation mode. Hence, you can set this value as 'true' or 'false'as required.
If the values set to 'true', you must provide either 'testAssets' or 'testTags' in the request.

Authorization 

 

 Mandatory

String

 Authorization token to authenticate to the Qualys Enterprise TruRisk™ Platform.

Prepend token with "Bearer" and one space. For example, Bearer authToken.

assetIds 

 

 Optional

String

List of asset IDs on which you want to execute the script. Multiple comma-separated asset IDs can be provided.

assetTagIds 

 

 Optional

String

List of asset tag IDs on which on which you want to execute the script.

excludedAssetIds 

 

 Optional

String

Asset IDs on which you do not want the script to be executed. Multiple comma-separated asset IDs can be provided.

executionPolicy
BypassEnabled 

 

 Optional

Boolean

Bypass the PowerShell execution policy set on the Windows host. When you set the input value to ’true’, scripts will be executed irrespective of the PowerShell execution policy set on the host. If you do not provide this input parameter, or if you set the input value to ’false’, CAR will honour the PowerShell execution policy set on the host for script execution.

Note: This input parameter is applicable only for Windows PowerShell script execution.

testAssets   Optional

(Mandatory when testMode is true and you want to provide lab assets through lab asset tags)

 List  Includes the list of lab asset IDs and UUIDs.
  id Optional

(Mandatory when testMode is true and you want to provide lab assets through lab asset tags)

String Provide the Identification number of the lab asset.
UUId Optional

(Mandatory when testMode is true and you want to provide lab assets through lab asset tags)

String Provide the UUID of the lab asset.
testTags   Optional

(Mandatory when testMode is true and you want to provide lab assets through lab asset tags)

List Includes the list of lab tag IDs and UUIDs.
id Optional

(Mandatory when testMode is true and you want to provide lab assets through lab asset tags)

String Provide the Identification number of the lab tag.
UUId Optional

(Mandatory when testMode is true and you want to provide lab assets through lab asset tags)

String Provide the UUID of the lab tag.

You can fetch the asset tags id and UUid using the Fetch Asset Tags List API.

Sample: Execute Script on Production AssetsSample: Execute Script on Production Assets

 Request Body: Single Asset

curl -X POST 
<qualys_base_url>/sm/v1/scripts/72648/execute
  --header "Content-Type: application/json"
  --header "Authorization: Bearer <token>"
  --data-raw '{
    "testMode": false,
    "assetIds": [
      "<ASSET ID>"
    ],
    "assetTagIds": ["<ASSET TAG ID>"],
    "excludedAssetIds": ["<EXCLUDED ASSET ID>"]
  }'

 Request Body: Multiple Assets

curl -X POST 
<qualys_base_url>/sm/v1/scripts/72648/execute"
--header "Content-Type: application/json"
--header "Authorization: Bearer <token>"
--data-raw '{
    "testMode": false,
    "assetIds": [
      "<ASSET ID1>",
      "<ASSET ID2>",
      "<ASSET ID3>"
    ],
    "assetTagIds": [
      "<ASSET TAG ID1>",
      "<ASSET TAG ID2>",
      "<ASSET TAG ID3>"
    ],
    "excludedAssetIds": [
      "<ASSET ID1>",
      "<ASSET ID2>",
      "<ASSET ID3>"
    ]
  }'

Request Body: Single Asset ( "executionPolicyBypassEnabled" parameter set to "true")

curl -X POST
'<qualys_base_url>/sm/v1/scripts/72648/execute'
--header 'Content-Type: application/json'
--header 'Authorization: Bearer <token>'
--data-raw '{
    "testMode": false,
    "assetIds": [
      "<ASSET ID>"
    ],
    "assetTagIds": [],
    "excludedAssetIds": [],
    "executionPolicyBypassEnabled": true
  }'

Response

{
   "body": {
       "correlationUuid": "<CORRELATION UUID>"
   }
}

Sample: Execute Script on Non-production AssetsSample: Execute Script on Non-production Assets

API Request

curl -X POST 
'<qualys_base_url>/sm/v1/scripts/{scriptId}/execute'
--header 'accept: application/json'
--header 'Content-Type: application/json'
--data '{
    "testMode": true,
    "testTags": [
      {
        "id": "7512812",
        "UUId": "a3258427-cce3-4459-9cad-81dcdb1cb33e"
      }
    ],
    "testAssets": [
      {
        "id": "7512456",
        "UUId": "a3258427-cce3-4469-9cad-81dcdb1cb44e"
      }
    ],
    "user": {
      "id": "f0bbece3-a15d-f536-83c4-aed67c7f0b9b",
      "name": "Username"
    },
    "executionPolicyBypassEnabled": false,
    "description": "sample description",
    "rebootAfterScriptExecution": false,
    "rebootDelayInSeconds": null,
    "rebootDelayTimeUnit": null
  }'

API Response

{
  "body": {
      "correlationUuid": "81761e17-470b-40ab-89db-ef02607e00ab"
  }
}
  • Correlation UUID is returned when the script is executed. User can use this as filter in request body to find the job details using /jobs/search POST API.
  • To know the details of the response codes, refer to Appendix.