Returns response with given number of Image records according to filter.
When you make your API request, you’ll use the “limit” input parameter to specify the number of records to return. For example, you can choose to return details for 10 images at a time by specifying limit=10. The Response Header will include a unique link that you can specify in the next API request to get the next set of results. i.e. the next 10 images. Simply take the link as is for the new request, no additional parameters are needed. When there are no more records to return, the Response Header will show a value of “null” for the link.
The details shown for each image in the list response will be the same as if you were fetching a single image, with a few exceptions. The “vulnerabilities” section of the response will only show qid, result and software. Instead of listing all hosts where an image was found, we’ll show details for the most recent host where the image was found. This appears in the response under “lastFoundOnHost”.
Parameter |
Mandatory/Optional |
Data Type |
Description |
---|---|---|---|
limit |
Optional |
integer |
Specify the number of records to include in the response. Enter a value from 1 to 250. |
filter |
Optional |
string |
Filter the images list by providing a query using Qualys syntax.
Refer to “How to Search” topic in the online help for assistance with creating your query. |
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/list?limit=2" --header "Authorization: Bearer <token>"
Response Headers
{
"content-type": "application/json;charset=UTF-8",
"date": "Wed, 26 Aug 2020 07:41:21 GMT",
"link": "<http://qualysapi.qualys.com/csapi/v1.3/images/list?limit=2&paginationQuery=updated%3E%3D1593731505425+AND+not+uuid%3A+%5Bbc092a61-caee-3ff1-a693-d9062361ad3c%5D<;rel=next",
"referrer-policy": "same-origin",
"server": "Qualys",
"transfer-encoding": "chunked",
"x-content-type-options": "nosniff",
"x-frame-options": "sameorigin",
"x-permitted-cross-domain-policies": "none",
"x-powered-by": "Qualys",
"x-xss-protection": "1; mode=block"
}
Response JSON
{
"data": [
{
"created": "1557533223000",
"updated": "1593731440059",
"author": "",
"repo": [
{
"registry": "docker.io",
"tag": "3.9",
"repository": "alpine"
}
],
"repoDigests": [
{
"registry": "docker.io",
"digest": "7746df395af22f04212cd25a92c1d6dbc5a06a0ca9579a229ef43008d4d1302a",
"repository": "alpine"
}
],
"label": null,
"layersCount": null,
"uuid": "cfd55a5d-28fd-39c3-9572-50b05b89bd1a",
"sha": "055936d3920576da37aa9bc460d70c5f212028bda1c08c0879aedf03d7a66ea1",
"operatingSystem": "Alpine Linux 3.9.4",
"sensorUuid": null,
"customerUuid": "a1d17d51-03fb-c803-81a6-1048acccaca9",
"dockerVersion": "18.06.1-ce",
"size": 5533135,
"layers": null,
"architecture": "amd64",
"imageId": "055936d39205",
"lastVmScanDate": "1593731440058",
"registryUuid": null,
"source": [
"GENERAL"
],
"users": [
"root",
"operator",
"postgres"
],
"lastFoundOnHost": null,
"isDockerHubOfficial": null,
"isInstrumented": null,
"instrumentedFrom": null,
"instrumentationState": null,
"scanType": "DYNAMIC",
"scanTypes": [
"DYNAMIC"
],
"softwares": [
{
"name": "musl",
"version": "1.1.20-r4",
"fixVersion": null
},
{
"name": "libtls-standalone",
"version": "2.7.4-r6",
"fixVersion": null
},
{
"name": "alpine-keys",
"version": "2.1-r1",
"fixVersion": null
},
{
...
],
"vulnerabilities": [
{
"qid": 105144,
"result": "shadow:x:42:\n\n/etc/shadow\n\n-rw-r----- 1 root shadow 441 May 9 2019 /etc/shadow",
"software": null
}
]
},
{
"created": "1591815652000",
"updated": "1593731505425",
"author": "",
"repo": [
{
"registry": "docker.io",
"tag": "1",
"repository": "hello_world_ps"
}
],
"repoDigests": null,
"label": [
{
"key": "org.label-schema.name",
"value": "CentOS Base Image"
},
{
"key": "org.label-schema.license",
"value": "GPLv2"
},
...
],
"layersCount": null,
"uuid": "bc092a61-caee-3ff1-a693-d9062361ad3c",
"sha": "016ad20049fb86f4f027cc93efecce7a9c546ee5a30139b1d62c225161954581",
"operatingSystem": "CentOS Linux 7.7.1908",
"sensorUuid": null,
"customerUuid": "a1d17d51-03fb-c803-81a6-1048acccaca9",
"dockerVersion": "19.03.5",
"size": 457819642,
"layers": null,
"architecture": "amd64",
"imageId": "016ad20049fb",
"lastVmScanDate": "1593731505424",
"registryUuid": null,
"source": [
"GENERAL"
],
"users": [
"root"
],
"lastFoundOnHost": null,
"isDockerHubOfficial": null,
"isInstrumented": null,
"instrumentedFrom": null,
"instrumentationState": null,
"scanType": "DYNAMIC",
"softwares": [
{
"name": "util-linux",
"version": "2.23.2-61.el7",
"fixVersion": null
},
{
"name": "tar",
"version": "1.26-35.el7",
"fixVersion": null
},
...
],
"vulnerabilities": [
{
"qid": 256906,
"result": "#table cols=\"3\"\nPackage Installed_Version Required_Version\nbind-license 9.11.4-16.P2.el7.noarch 9.11.4-16.P2.el7__8.6",
"software": [
{
"name": "bind-license",
"version": "9.11.4-16.P2.el7",
"fixVersion": "9.11.4-16.P2.el7__8.6"
}
]
}
]
}
],
"limit": 2
}
In this example, the link from the Response Header from the previous API request is specified as part of the new request in order to get the next set of results. The response will be similar to the previous example.
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/list?limit=2&paginationQuery=updated%3E%3D1593731505425+AND+not+uuid%3A+%5Bbc092a61-caee-3ff1-a693-d9062361ad3c%5D" --header "Authorization: Bearer <token>"
Here’s a sample response where there are no more records to return after this, so there is no link provided in the Response Header section. You’ll see a value of “null” for the link.
Response Headers
{
"content-type": "application/json;charset=UTF-8",
"date": "Wed, 26 Aug 2020 07:41:21 GMT",
"link": "null",
"referrer-policy": "same-origin",
"server": "Qualys",
"transfer-encoding": "chunked",
"x-content-type-options": "nosniff",
"x-frame-options": "sameorigin",
"x-permitted-cross-domain-policies": "none",
"x-powered-by": "Qualys",
"x-xss-protection": "1; mode=block"
}
This is applicable for subscriptions with SCA Scanning enabled and for images scanned using SCA. The response includes “SCA” in the value for scanTypes.
API request
curl -X GET
"<qualys_base_url>/csapi/v1.3/images/list?limit=2" --header "Authorization: Bearer <token>"
Response
{
"data": [
{
"created": "1660094821000",
"updated": "1661479235359",
"author": "",
"repo": [
{
"registry": "docker.io",
"tag": "latest",
"repository": "vault"
}
],
"repoDigests": [
{
"registry": "docker.io",
"digest": "f2c0f82d1bde88a6608f26468258306e48ac46a4d353db2151e26e0fd00928bb",
"repository": "vault"
}
],
"label": null,
"uuid": "a449db68-b539-33f1-8bc0-723c9e9c6e0a",
"sha": "22fdc6314051df714eb280680c24524ed01d0ed2eddff1358cc40d528c82579e",
"operatingSystem": "Alpine Linux 3.14.8",
"customerUuid": "98c16d24-d2c1-53c9-8200-4468190aff46",
"dockerVersion": "20.10.12",
"size": 207222566,
"layers": [
{
"size": "0",
"createdBy": "CMD [\"/bin/sh\"]",
"created": "1660065608000",
"comment": "",
"id": null,
"sha": null,
"tags": null
},
...
"architecture": "amd64",
"imageId": "22fdc6314051",
"lastScanned": "1661479235359",
"registryUuid": null,
"source": [
"GENERAL"
],
"users": [
"root"
],
"lastFoundOnHost": {
"sensorUuid": "2ed740ac-acba-47b5-8072-aaa739e44f0d",
"hostname": "ip-10-20-30-40",
"ipAddress": "10.20.30.40",
"uuid": "721e3460-bced-4ec0-b695-3c3349eefefb",
"lastUpdated": "2022-08-26T01:57:22.110Z"
},
"isDockerHubOfficial": null,
"isInstrumented": null,
"instrumentedFrom": null,
"instrumentationState": null,
"scanType": null,
"scanTypes": [
"DYNAMIC",
"SCA"
],
"softwares": [
{
"name": "github.com/hashicorp/golang-lru",
"version": "v0.5.4",
"fixVersion": null,
"scanType": "SCA",
"packagePath": "bin/vault"
},
{
"name": "github.com/xdg-go/scram",
"version": "v1.0.2",
"fixVersion": null,
"scanType": "SCA",
"packagePath": "bin/vault"
},
...
"vulnerabilities": [
{
"qid": 980408,
"result": "#table cols=\"5\"\nPackage Installed_Version Required_Version Language Install_Path\norg.jsoup:jsoup 1.12.1 1.14.2 Java usr/share/maven/lib/wagon-http-3.4.3-shaded.jar",
"software": [
{
"name": "org.jsoup:jsoup",
"version": "1.12.1",
"fixVersion": "1.14.2",
"scanType": "SCA",
"packagePath": "usr/share/maven/lib/wagon-http-3.4.3-shaded.jar"
}
],
"lastFound": "1661479693756",
"firstFound": "1661479693756",
"typeDetected": "CONFIRMED",
"scanType": [
"SCA"
]
},
...
Was this topic helpful?