Update Scripts with GitHub URL and Parameter API
For API version information, refer to the API Version History section.
This API lets you create a custom script of type Custom QID.
v2.0
This API lets you update scripts with GitHub URL and Parameter.
Input Parameters Input Parameters
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| title | Optional | String | Use it to provide the name of the script. |
| categoryID | Optional | String | Use it to provide the category of script based on categories like general automation, data collection, and backup. |
| severity | Optional | Short | Use it to provide the severity level that defines the criticality of the script. Select a value from 1 to 5. |
| threshold | Optional | Integer | Use it to provide the specific time that defines how long the script must run. You can specify the time in seconds, hours, and minutes |
| gitHubUser | Optional | String | Use it to provide a github user that has a github account. |
| gitHubRepo | Optional | String | Use it to provide the name of the github repository |
| gitHubBranch | Optional | String | Use it to provide the github branch name. |
| gitHubFilepath | Optional | String | Use it to provide a relative github file path for which we want to create as script content |
| gitHubToken | Optional | String | Use it to provide a github token to access a private github repository. |
| scriptApproval UserConsent |
Optional | Boolean | Use it to create a script in an approval state or not. |
| githubInputUrl | Optional | String | Use it to provide a complete github file path for which we want to create script content. |
Sample 1: Update Script by Providing File in URLSample 1: Update Script by Providing File in URL
API Request
"curl --location --request PATCH"<qualys_base_url>/sm/v2/script/61179"
-H""Authorization: Bearer <JWT Token>""--header""Content-Type:
application/json""
--data-raw""{
"title": " giturl_api_284216",
"description": "Sample Description updated",
"categoryId": 6,
"severity": 3,
"threshold": 300,
"thresholdTimeUnit": "SECOND",
"githubInputUrl": "https://github.com/ruanyf/simple-bashscripts/blob/master/scripts/hello-world.sh"
}"
Request Body
{
"title":"{{scriptTitle}}",
"description":"Sample Description updated",
"categoryId":6,
"severity":3,
"threshold":300,
"thresholdTimeUnit":"SECOND",
"githubInputUrl":"https://github.com/ruanyf/simple-bashscripts/blob/master/scripts/hello-world.sh"
}
Response
{
"id":61179,
"message":"Updated Successfully."
}
Sample 2: Update Script with Github ParametersSample 2: Update Script with Github Parameters
API Request
"curl --location --request PATCH"<qualys_base_url>/sm/v2/script/61180"
-H""Authorization: Bearer <JWT Token>""--header""Content-Type:
application/json""
--data-raw""{
"title": "gitParam_api_600254",
"description": "Sample Description updated",
"categoryId": 6,
"severity": 3,
"threshold": 300,
"thresholdTimeUnit": "SECOND",
"gitHubUser": "Qualys",
"gitHubRepo": "community",
"gitHubBranch": "",
"gitHubFilePath": "assetcount/README.md"
}"
Request Body
{
"title":"{{scriptTitle}}",
"description":"Sample Description updated",
"categoryId":6,
"severity":3,
"threshold":300,
"gitHubUser":"Qualys",
"gitHubRepo":"community",
"gitHubBranch":"",
"gitHubFilePath":"assetcount/README.md"
}
Response
{
"id":61180,
"message":"Updated Successfully."
}
API Request
"curl --location --request PATCH"<qualys_base_url>/sm/v2/script/61186"
-H""Authorization: Bearer <JWT Token>""--header""Content-Type:
application/json""
--data-raw""{
"title": "privateGitRepoParam_573808",
"description": "Sample Description updated",
"categoryId": 6,
"severity": 3,
"threshold": 300,
"thresholdTimeUnit": "SECOND",
"gitHubUser": "smqa123",
"gitHubRepo": "SM_QA_PRIVATE",
"gitHubBranch": "main",
"gitHubFilePath": "PythinNums",
"gitHubToken": "valid_github_token"
}"
Request Body
{
"title":"{{scriptTitle}}",
"description":"Sample Description updated",
"categoryId":6,
"severity":3,
"threshold":300,
"thresholdTimeUnit":"SECOND",
"gitHubUser":"smqa123",
"gitHubRepo":"SM_QA_PRIVATE",
"gitHubBranch":"main",
"gitHubFilePath":"PythinNums",
"gitHubToken":"valid_github_token"
}
Response
{
"id":61186,
"message":"Updated Successfully."
}
API Request
"curl --location --request PATCH"<qualys_base_url>/sm/v2/script/61403"
-H""Authorization: Bearer <JWT Token>""--header""Content-Type:
application/json""
--data-raw""{
"title": "giturl_private_api_201446",
"description": "Sample private url Description updated",
"categoryId": 6,
"severity": 3,
"threshold": 300,
"thresholdTimeUnit": "SECOND",
"gitHubToken" : "valid_github_token",
"githubInputUrl":
"https://github.com/smqa123/SM_QA_PRIVATE/blob/main/Blacklisted"
}"
Request Body
{
"title":"{{scriptTitle}}",
"description":"Sample private url Description updated",
"categoryId":6,
"severity":3,
"threshold":300,
"thresholdTimeUnit":"SECOND",
"gitHubToken":"valid_github_token",
"githubInputUrl":"https://github.com/smqa123/SM_QA_PRIVATE/blob/main/Blac
klisted"
}
Response
{
"id": 61403,
"message": "Updated Successfully."
}
To know the details of the response codes, refer to Appendix.
v4.0
Input ParametersInput Parameters
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| title | Optional | String | Use it to provide the name of the script. |
| categoryID | Optional | String | Use it to provide the category of script based on categories like general automation, data collection, and backup. |
| severity | Optional | Short | Use it to provide the severity level that defines the criticality of the script. Select a value from 1 to 5. |
| threshold | Optional | Integer | Use it to provide the specific time that defines how long the script must run. You can specify the time in seconds. |
| gitHubUser | Optional | String | Use it to provide a github user that has a github account. |
| gitHubRepo | Optional | String | Use it to provide the name of the github repository |
| gitHubBranch | Optional | String | Use it to provide the github branch name. |
| gitHubFilepath | Optional | String | Use it to provide a relative github file path for which we want to create as script content |
| gitHubToken | Optional | String | Use it to provide a github token to access a private github repository. |
| scriptApprovalUserConsent | Optional | Boolean | Use it to create a script in an approval state or not. |
| githubInputUrl | Optional | String | Use it to provide a complete github file path for which we want to create script content. |
|
hasParameters |
Optional (This is mandatory only if you want to define the |
Boolean |
Provide this value as Default value is Note: This parameter is only applicable when you want to create a parameterized script. |
|
params.key |
Mandatory (This is mandatory when the |
String |
Provide the Base64 encoded string value. |
|
params.value |
Mandatory (This is mandatory when the |
String |
Provide the Base64 encoded string value. |
Sample: Update Scripts with GitHub ParametersSample: Update Scripts with GitHub Parameters
API Request
curl -X PATCH
'<qualys_base_url>/sm/v4/script/{Scriptid}'
--header 'Accept: application/vnd.qualys.car.api.v4.0+json'
--header 'Authorization: Bearer <authToken>'
--header 'Content-Type: application/json'
--data-raw
{
"categoryId": 605,
"githubInputUrl": "<sample github url>",
"gitHubToken": "<sample github token of private repo>",
"gitHubUser": "<username>",
"gitHubRepo": "<sample repo name>",
"gitHubBranch": "<sample branch name>",
"gitHubFilePath": "<sample github file path>",
"description": "sample description",
"platform": "WINDOWS",
"severity": "3",
"threshold":300,
"title": "Sample title",
"typeId": 2,
"languageId": 1,
"scriptApprovalUserConsent": true,
"hasParameters": true,
"customQid": {
"qid": "12345",
"type": "Detection QID",
"severity": "4",
"qds": "75",
"vulnerabilityType": "Potential",
"cveIds": "CVE-2023-3452",
"detectionLogic": "Use Script",
"returnCodeStatusMap": [
{
"returnCode": "1",
"status": "Not-Detected"
},
{
"returnCode": "5",
"status": "Detected"
}
]
},
"params": [
{
"key": "string",
"value": "string"
}
]
}
Response
{
"id": 100010,
"message": "Updated Successfully."
}
API Version History
The following table depicts the information about the different versions of this API along with the status:
| API Version | API Status | Release Date |
|---|---|---|
| /sm/v4/script/{id} | Active | Oct 2024 |
| /sm/v2/script/{id} | To be deprecated | Feb 2025 |