Fetch a List of Images (Bulk API)
Returns response with a given number of Image records according to filter.
When you make your API request, you’ll use the "limit” input parameter to specify the number of records to return. For example, you can choose to return details for 10 images at a time by specifying limit=10. The Response Header will include a unique link that you can specify in the next API request to get the next set of results. i.e. the next 10 images. Take the link as is for the new request, no additional parameters are needed. When there are no more records to return, the Response Header will show a value of “null” for the link.
The details shown for each image in the list response will be the same as if you were fetching a single image, with a few exceptions. The “vulnerabilities” section of the response will only show qid, result and software. Instead of listing all hosts where an image was found, we’ll show details for the most recent host where the image was found. This appears in the response under “lastFoundOnHost”.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
limit |
Optional |
integer |
Specify the number of records to include in the response. Enter a value from 1 to 250. |
|
filter |
Optional |
string |
Filter the images list by providing a query using Qualys syntax. Refer to 'Searching for Images' topic in the online help for assistance with creating your query. |
| paginationQuery | Optional | string |
Specify the next page filter query. You can find the next page query in the response headers. |
Sample 1: List images with a limit of 2 recordsSample 1: List images with a limit of 2 records
API request
curl -X "GET"
"<qualys_base_url>/csapi/v1.3/images/list?filter=imagesInUse:'[now-7d ... now]'&limit=2&scanDetails=malware%2C%20secrets"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
Response Headers
{
"content-type": "application/json;charset=UTF-8",
"date": "Wed, 26 July 2024 07:41:21 GMT",
"link": "<qualys_base_url>/csapi/v1.3/images/list?filter=imagesInUse:’[now-1d ... now]’&limit=2&paginationQuery=updated%3E%3D1593731505425+AND+not+uuid%3A+%5Bbc092a61-caee-3ff1-a693-d9062361ad3c%5D<;rel=next",
"referrer-policy": "same-origin",
"server": "Qualys",
"transfer-encoding": "chunked",
"x-content-type-options": "nosniff",
"x-frame-options": "sameorigin",
"x-permitted-cross-domain-policies": "none",
"x-powered-by": "Qualys",
"x-xss-protection": "1; mode=block"
}
Response JSON
{
"data": [
{
"created": "1472581305000",
"updated": "1724323293607",
"author": "jack_reader",
"repo": [
{
"registry": "art-hq.intranet.qualys.com:5001",
"tag": "fedora22",
"repository": "multi-os-images"
},
{
"registry": "docker.io",
"tag": "fedora",
"repository": "jr1/alpine-amd64"
},
{
"registry": "sjc.ocir.io",
"tag": "centos",
"repository": "axtqwmwbaayf/public-1"
},
{
"registry": "sjc.ocir.io",
"tag": "fedora",
"repository": "axtqwmwbaayf/acme"
},
{
"registry": "docker.io",
"tag": "22",
"repository": "fedora"
},
{
"registry": "msftlongregistryandreponametest.azurecr.io",
"tag": "tag",
"repository": "test1/test2"
}
],
"repoDigests": [
{
"registry": "docker.io",
"digest": "dea6d6d845c3eba400289b61444ce193dd3df73f8ac70fb60fb6ed39718e111c",
"repository": "jr1/alpine-amd64"
},
{
"registry": "docker.io",
"digest": "d5cce9139f8758171936a033c0625307760026446d4d30f084ff6b52aecc1721",
"repository": "fedora"
},
{
"registry": "art-hq.intranet.qualys.com:5001",
"digest": "dea6d6d845c3eba400289b61444ce193dd3df73f8ac70fb60fb6ed39718e111c",
"repository": "multi-os-images"
},
{
"registry": "sjc.ocir.io",
"digest": "dea6d6d845c3eba400289b61444ce193dd3df73f8ac70fb60fb6ed39718e111c",
"repository": "axtqwmwbaayf/public-1"
},
{
"registry": "msftlongregistryandreponametest.azurecr.io",
"digest": "dea6d6d845c3eba400289b61444ce193dd3df73f8ac70fb60fb6ed39718e111c",
"repository": "test1/test2"
},
{
"registry": "sjc.ocir.io",
"digest": "dea6d6d845c3eba400289b61444ce193dd3df73f8ac70fb60fb6ed39718e111c",
"repository": "axtqwmwbaayf/qualys"
}
],
"label": [],
"uuid": "d165a97b-7e10-3f0b-acb9-eac7c39d1532",
"sha": "01a9fe974dba61470137158fc1987884ea1f2333ae60c7f76562dbae02739ada",
"operatingSystem": "Fedora 22",
"customerUuid": "af24ca38-27a8-6bd9-8241-5ec3c9eecdb5",
"dockerVersion": "1.12.1",
"size": 188728229,
"layers": [
{
"size": "188728229",
"createdBy": "ADD file:e14b712e5cfef28691da81e314415790d59685a366414f6be248b871e42d4436 in / ",
"created": "1472581305000",
"comment": "",
"id": "01a9fe974dba",
"sha": "01a9fe974dba61470137158fc1987884ea1f2333ae60c7f76562dbae02739ada",
"tags": [
"sjc.ocir.io/axtqwmwbaayf/qualys:fedora",
"art-hq.intranet.qualys.com:5001/multi-os-images:fedora22",
"hchandawad1/alpine-amd64:fedora",
"fedora:22",
"sjc.ocir.io/axtqwmwbaayf/public-1:centos",
"msftlongregistryandreponametest.azurecr.io/test1/test2:tag"
],
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "0",
"createdBy": "jack_reader",
"created": "1472581297000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
}
],
"architecture": "amd64",
"imageId": "01a9fe974dba",
"lastScanned": "1724323293607",
"registryUuid": null,
"source": [
"GENERAL"
],
"users": [],
"lastFoundOnHost": {
"sensorUuid": "75e30f2f-05f5-413f-9baf-0095b39347ad",
"hostname": "localhost.localdomain",
"ipAddress": "10.115.97.76",
"uuid": "62fe1baa-0311-0002-ca34-0050568cd03b",
"lastUpdated": "2024-08-22T10:52:22.065Z"
},
"lastUsedDate": null,
"isDockerHubOfficial": null,
"scanType": null,
"scanTypes": [
"STATIC"
],
"softwares": [
"name": "rpm-plugin-selinux",
"version": "4.12.0.1-14.fc22",
"fixVersion": null,
"scanType": "STATIC",
"packagePath": null
},
{
"name": "libuuid",
"version": "2.26.2-4.fc22",
"fixVersion": null,
"scanType": "STATIC",
"packagePath": null
},
{
"name": "lzo",
"version": "2.08-3.fc22",
"fixVersion": null,
"scanType": "STATIC",
"packagePath": null
},
{
"name": "rootfiles",
"version": "8.1-17.fc21",
"fixVersion": null,
"scanType": "STATIC",
"packagePath": null
},
{
"name": "libstdc++",
"version": "5.3.1-2.fc22",
"fixVersion": null,
"scanType": "STATIC",
"packagePath": null
},
{
"name": "deltarpm",
"version": "3.6-8.fc22",
"fixVersion": null,
"scanType": "STATIC",
"packagePath": null
},
],
"vulnerabilities": [
{
"qid": 124975,
"result": null,
"software": [
{
"name": "libssh2",
"version": "1.5.0-1.fc22",
"fixVersion": "1.5.0-2.fc22",
"scanType": "STATIC",
"packagePath": null
}
],
"lastFound": "1724323293564",
"firstFound": "1724323293564",
"typeDetected": "CONFIRMED",
"scanType": [
"STATIC"
]
},
{
"qid": 276308,
"result": null,
"software": [
{
"name": "openssl-libs",
"version": "1.0.1k-13.fc22",
"fixVersion": "1.0.1k-14.fc22",
"scanType": "STATIC",
"packagePath": null
}
],
"lastFound": "1724323293570",
"firstFound": "1724323293570",
"typeDetected": "CONFIRMED",
"scanType": [
"STATIC"
]
},
{
"qid": 276113,
"result": null,
"software": [
{
"name": "openssl-libs",
"version": "1.0.1k-13.fc22",
"fixVersion": "1.0.1k-15.fc22",
"scanType": "STATIC",
"packagePath": null
}
],
"lastFound": "1724323293567",
"firstFound": "1724323293567",
"typeDetected": "CONFIRMED",
"scanType": [
"STATIC"
]
},
{
"qid": 106008,
"result": null,
"software": null,
"lastFound": "1724323293573",
"firstFound": "1724323293573",
"typeDetected": "CONFIRMED",
"scanType": [
"STATIC"
]
}
],
"malware": null,
"secrets": null,
"lastMalwareScanned": null,
"riskScore": null,
"riskScoreCalculatedDate": null,
"maxQdsScore": null,
"qdsSeverity": null,
"criticality": 5,
"criticalityUpdated": 1717098843553
},
{
"created": "1490217199000",
"updated": "1724323252042",
"author": "",
"repo": [
{
"registry": "docker.io",
"tag": "latest",
"repository": "iojs"
},
{
"registry": "dockregtest01.eng.sjc01.qualys.com:5000",
"tag": "latest",
"repository": "iojs"
}
],
"repoDigests": [
{
"registry": "docker.io",
"digest": "e9c867712191ac0d35041268feed489bcaaf9c1169296ca780ba4be03ca4610c",
"repository": "iojs"
},
{
"registry": "dockregtest01.eng.sjc01.qualys.com:5000",
"digest": "ebe3fd385e36a8bbfae06e1f8c1e88a4abfce10dbfc4b8b339d3c0df072ee9f4",
"repository": "iojs"
}
],
"label": [],
"uuid": "1ea83c91-0ef9-3c50-9fdc-d7d3551fb59a",
"sha": "fdab38ea8e39d1bd42b3ef244e6ea4f85a72b41608c6f372bd9de4ba900b4f99",
"operatingSystem": null,
"customerUuid": "af24ca38-27a8-6bd9-8241-5ec3c9eecdb5",
"dockerVersion": "1.12.6",
"size": 648592935,
"layers": [
{
"size": "0",
"createdBy": "CMD [\"iojs\"]",
"created": "1490217199000",
"comment": "",
"id": "fdab38ea8e39",
"sha": "fdab38ea8e39d1bd42b3ef244e6ea4f85a72b41608c6f372bd9de4ba900b4f99",
"tags": [
"iojs:latest",
"dockregtest01.eng.sjc01.qualys.com:5000/iojs:latest"
],
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "34650067",
"createdBy": "curl -SLO \"https://iojs.org/dist/v$IOJS_VERSION/iojs-v$IOJS_VERSION-linux-x64.tar.gz\" && curl -SLO \"https://iojs.org/dist/v$IOJS_VERSION/SHASUMS256.txt.asc\" && gpg --verify SHASUMS256.txt.asc && grep \" iojs-v$IOJS_VERSION-linux-x64.tar.gz\\$\" SHASUMS256.txt.asc | sha256sum -c - && tar -xzf \"iojs-v$IOJS_VERSION-linux-x64.tar.gz\" -C /usr/local --strip-components=1 && rm \"iojs-v$IOJS_VERSION-linux-x64.tar.gz\" SHASUMS256.txt.asc",
"created": "1490217198000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "0",
"createdBy": "ENV IOJS_VERSION=3.3.0",
"created": "1490217194000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "0",
"createdBy": "ENV NPM_CONFIG_LOGLEVEL=info",
"created": "1490217176000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "88894",
"createdBy": "set -ex && for key in 9554F04D7259F04124DE6B476D5A82AC7E37093B 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 0034A06D9D9B0064CE8ADF6BF1747F4AD2306D93 FD3A5288F042B6850C66B31F09FE44734EB7990E 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 DD8F2338BAE7501E3DD5AC78C273792F7D83545D ; do gpg --keyserver ha.pool.sks-keyservers.net --recv-keys \"$key\" ; done",
"created": "1490217175000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "322890800",
"createdBy": "set -ex; \tapt-get update; \tapt-get install -y --no-install-recommends \t\tautoconf \t\tautomake \t\tbzip2 \t\tfile \t\tg++ \t\tgcc \t\timagemagick \t\tlibbz2-dev \t\tlibc6-dev \t\tlibcurl4-openssl-dev \t\tlibdb-dev \t\tlibevent-dev \t\tlibffi-dev \t\tlibgdbm-dev \t\tlibgeoip-dev \t\tlibglib2.0-dev \t\tlibjpeg-dev \t\tlibkrb5-dev \t\tliblzma-dev \t\tlibmagickcore-dev \t\tlibmagickwand-dev \t\tlibncurses-dev \t\tlibpng-dev \t\tlibpq-dev \t\tlibreadline-dev \t\tlibsqlite3-dev \t\tlibssl-dev \t\tlibtool \t\tlibwebp-dev \t\tlibxml2-dev \t\tlibxslt-dev \t\tlibyaml-dev \t\tmake \t\tpatch \t\txz-utils \t\tzlib1g-dev \t\t\t\t$( \t\t\tif apt-cache show 'default-libmysqlclient-dev' 2>/dev/null | grep -q '^Version:'; then \t\t\t\techo 'default-libmysqlclient-dev'; \t\t\telse \t\t\t\techo 'libmysqlclient-dev'; \t\t\tfi \t\t) \t; \trm -rf /var/lib/apt/lists/*",
"created": "1490123534000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "122928427",
"createdBy": "apt-get update && apt-get install -y --no-install-recommends \t\tbzr \t\tgit \t\tmercurial \t\topenssh-client \t\tsubversion \t\t\t\tprocps \t&& rm -rf /var/lib/apt/lists/*",
"created": "1490123476000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "44641329",
"createdBy": "apt-get update && apt-get install -y --no-install-recommends \t\tca-certificates \t\tcurl \t\twget \t&& rm -rf /var/lib/apt/lists/*",
"created": "1490123458000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "0",
"createdBy": "CMD [\"/bin/bash\"]",
"created": "1490120945000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
},
{
"size": "123393418",
"createdBy": "ADD file:4eedf861fb567fffb2694b65ebdd58d5e371a2c28c3863f363f333cb34e5eb7b in / ",
"created": "1490120931000",
"comment": "",
"id": null,
"sha": null,
"tags": null,
"layerNumber": null,
"isBaseLayer": null,
"isEmptyLayer": null
}
],
"architecture": "amd64",
"imageId": "fdab38ea8e39",
"lastScanned": null,
"registryUuid": null,
"source": [
"GENERAL"
],
"users": null,
"lastFoundOnHost": {
"sensorUuid": "75e30f2f-05f5-413f-9baf-0095b39347ad",
"hostname": "localhost.localdomain",
"ipAddress": "10.***.*7.7*",
"uuid": "62fe1baa-0311-0002-ca34-0050568cd03b",
"lastUpdated": "2024-08-22T10:52:22.065Z"
},
"lastUsedDate": null,
"isDockerHubOfficial": null,
"scanType": null,
"scanTypes": null,
"softwares": null,
"vulnerabilities": null,
"malware": null,
"secrets": null,
"lastMalwareScanned": null,
"riskScore": null,
"riskScoreCalculatedDate": null,
"maxQdsScore": null,
"qdsSeverity": null
"criticality": 5,
"criticalityUpdated": 1717098843553
}
],
"limit": 2
}
Sample 2: Get the next set of results for the images listSample 2: Get the next set of results for the images list
In this example, the link from the Response Header from the previous API request is specified as part of the new request in order to get the next set of results. The response will be similar to the previous example.
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/list?limit=2&paginationQuery=updated%3E%3D1593731505425+AND+not+uuid%3A+%5Bbc092a61-caee-3ff1-a693-d9062361ad3c%5D"
-H "Authorization: Bearer <token>"
Sample 3: Response with no linkSample 3: Response with no link
Here’s a sample response where there are no more records to return after this, so there is no link provided in the Response Header section. You’ll see a value of “null” for the link.
Response Headers
{
"content-type": "application/json;charset=UTF-8",
"date": "Wed, 26 Aug 2020 07:41:21 GMT",
"link": "null",
"referrer-policy": "same-origin",
"server": "Qualys",
"transfer-encoding": "chunked",
"x-content-type-options": "nosniff",
"x-frame-options": "sameorigin",
"x-permitted-cross-domain-policies": "none",
"x-powered-by": "Qualys",
"x-xss-protection": "1; mode=block"
}
Sample 4: Image scanned using SCASample 4: Image scanned using SCA
This is applicable for subscriptions with SCA Scanning enabled and for images scanned using SCA. The response includes “SCA” in the value for scanTypes.
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/list?limit=2"
-H "Authorization: Bearer <token>"
Response
{
"data": [
{
"created": "1660094821000",
"updated": "1661479235359",
"author": "",
"repo": [
{
"registry": "docker.io",
"tag": "latest",
"repository": "vault"
}
],
"repoDigests": [
{
"registry": "docker.io",
"digest": "f2c0f82d1bde88a6608f26468258306e48ac46a4d353db2151e26e0fd00928bb",
"repository": "vault"
}
],
"label": null,
"uuid": "a449db68-b539-33f1-8bc0-723c9e9c6e0a",
"sha": "22fdc6314051df714eb280680c24524ed01d0ed2eddff1358cc40d528c82579e",
"operatingSystem": "Alpine Linux 3.14.8",
"customerUuid": "98c16d24-d2c1-53c9-8200-4468190aff46",
"dockerVersion": "20.10.12",
"size": 207222566,
"layers": [
{
"size": "0",
"createdBy": "CMD [\"/bin/sh\"]",
"created": "1660065608000",
"comment": "",
"id": null,
"sha": null,
"tags": null
},
...
"architecture": "amd64",
"imageId": "22fdc6314051",
"lastScanned": "1661479235359",
"registryUuid": null,
"source": [
"GENERAL"
],
"users": [
"root"
],
"lastFoundOnHost": {
"sensorUuid": "2ed740ac-acba-47b5-8072-aaa739e44f0d",
"hostname": "ip-10-20-30-40",
"ipAddress": "10.20.30.40",
"uuid": "721e3460-bced-4ec0-b695-3c3349eefefb",
"lastUpdated": "2022-08-26T01:57:22.110Z"
},
"isDockerHubOfficial": null,
"isInstrumented": null,
"instrumentedFrom": null,
"instrumentationState": null,
"scanType": null,
"scanTypes": [
"DYNAMIC",
"SCA"
],
"softwares": [
{
"name": "github.com/hashicorp/golang-lru",
"version": "v0.5.4",
"fixVersion": null,
"scanType": "SCA",
"packagePath": "bin/vault"
},
{
"name": "github.com/xdg-go/scram",
"version": "v1.0.2",
"fixVersion": null,
"scanType": "SCA",
"packagePath": "bin/vault"
},
...
"vulnerabilities": [
{
"qid": 980408,
"result": "#table cols=\"5\"\nPackage Installed_Version Required_Version Language Install_Path\norg.jsoup:jsoup 1.12.1 1.14.2 Java usr/share/maven/lib/wagon-http-3.4.3-shaded.jar",
"software": [
{
"name": "org.jsoup:jsoup",
"version": "1.12.1",
"fixVersion": "1.14.2",
"scanType": "SCA",
"packagePath": "usr/share/maven/lib/wagon-http-3.4.3-shaded.jar"
}
],
"lastFound": "1661479693756",
"firstFound": "1661479693756",
"typeDetected": "CONFIRMED",
"scanType": [
"SCA"
]
},
...