Create a Report Request

Use this API to create a new report request.

POST/csapi/v1.3/reports

Input ParametersInput Parameters

Parameter	Mandatory/Optional	Data Type	Description
name	Mandatory	string	Specify a title for your report (up to 150 characters).
description	Optional	string	Specify a description for your report (up to 250 characters).
templateName	Mandatory	string	Specify the template for the report you want to create. Valid values are: CS_IMAGE_VULNERABILITY CS_CONTAINER_VULNERABILITY CS_IMAGE_SECRETS CS_IMAGE_MALWARE
filter	Optional	string	Filter the images or containers list for the report by providing a query using Qualys syntax. Refer to the “How to Search” topic in the online help for assistance with creating your query.
displayColumns	Optional	string	Specify the columns to include in the report. Multiple columns should be comma-separated. When unspecified, ALL report columns will be included. When an empty value is provided, only default columns will be included. When the template CS_IMAGE_VULNERABILITY is used, you can include any of these columns: repo, imageId, sha, uuid, label, tags, created, updated, qid, title, severity, cveids, vendorReference, cvssBase, cvssTemporal, cvss3Base, cvss3Temporal, threat, easyExploit, noPatch, activeAttacks, highLateralMovement, highDataLoss, denialOfService, impact, solution, exploitability, associatedMalwares, category, software, and result. The default columns are: qid, imageId. When the template CS_CONTAINER_VULNERABILITY is used, you can include any of these columns: name, containerId, uuid, imageId, repository, tags, created, hostName, hostIp, state, stateChanged, updated, qid, title, severity, cveids, vendorReference, cvssBase, cvssTemporal, cvss3Base, cvss3Temporal, threat, easyExploit, noPatch, activeAttacks, highLateralMovement, highDataLoss, denialOfService, impact, solution, exploitability, associatedMalwares, category, software, result, podName, podUuid, podNameSpace, podLabel, podController, nodeName, and nodeIsMaster. The default columns are: qid, containerId. When the template CS_IMAGE_SECRETS is used, you can include any of these columns: repo, imageId, sha, uuid, label, created, updated, secretUuid, secretSeverity, layerSha, ruleUuid, filePath, lastUpdated, category, secretType, and matches. The default columns are: imageId, secretUuid. When the template CS_IMAGE_MALWARE is used, you can include any of these columns: repo, imageId, sha, uuid, label, tags, created, updated, malwareSeverity, malwareScore, malwarePrediction, malwareCategory, malwareFamily, malwareCount, lastScanDate, layerAnalyzed, filesAnalyzed, layerSha, layerCommand, layerFileName, layerMimeType, layerFilesAnalyzed, layerCreatedDate, layerMalwareSeverity, layerMalwareScore, layerPrediction, layerMalwareCategory, layerMalwareFamily. The default columns are: imageId, malwareSeverity.
expireAfter	Mandatory	string	Specify a time period after which the report expires and gets deleted from your account. The valid values are (days): 1, 7, 30, or 90 days.

Sample: Create a Report RequestSample: Create a Report Request

API request

    curl -X "POST" 
  "<qualys_base_url>/csapi/v1.3/reports"
  -H "accept: application/json"
  -H "Authorization: Bearer <token>
  -H "Content-Type: application/json"
  -d "{
  "description":"Demo Report","name":"My Container Report","templateName":"CS_CONTAINER_VULNERABILITY", "filter":"status:running","displayColumns":["containerid","uuid","qid"],
  "expireAfter": "30"
}"

Response

    {
  "reportUuid": "7b972e20-2ef3-11ee-814b-3dadcc61dcfb"
}