Home

How to uninstall a CS sensors

This topic explains how you can uninstall a Qualys Container Security sensors present in a Standalone host and a Kubernetes cluster. These sensors are: General Sensor, CI/CD Sensor, Registry Sensor, Cluster Sensor, Container Runtime Sensor, and Admission Controller.

How to uninstall a CS Sensors from a Standalone Host?

The QualysContainerSensor.tar.xz file (which you download for sensor installation from Qualys Enterprise TruRisk™ Platform) has the script uninstallsensor.sh for uninstalling the sensor.

To uninstall CS sensors from a Standalone host,

  • If the Docker host is configured to communicate over docker.sock, use the following command.
    ./uninstallsensor.sh -s
    -s: is for silent uninstallation, which does not remove the persistent storage.

    If you don’t want to uninstall sensors silently (removal of persistent storage),
    $ sudo ./uninstallsensor.sh

    To remove the sensors' persistent storage files explicitly,
    sudo rm -rf /usr/local/qualys/sensor

    Qualys recommends to clear the persistent storage.

  • If the docker host is configured to communicate over TCP socket then provide the address on which the Docker daemon is configured to listen.
    ./uninstallsensor.sh DockerHost=<<IPv4 address or FQDN>:<Port#>> -s

    For example:
    ./uninstallsensor.sh DockerHost=10.11.12.13:1234 -s

The above command works the same for an environment having Podman runtime.

Follow the on-screen prompts to uninstall the sensor.

Alternatively,
You can use the following Docker commands to uninstall the sensor. 
Sudo docker stop qualys-container-sensor
Sudo docker rm qualys-container-sensor
sudo rm -rf /usr/local/qualys/sensor

Verification Steps

1. Confirm that no sensor appears in the output.
docker ps

2. Confirm the following path is empty.
/usr/local/qualys/sensor

How to uninstall a CS Sensors from a Kubernetes Cluster?

Scenario 1: CS Sensors deployed in Kubernetes using Unified Helm Charts (qualys-tc)

  1. Run the following command to uninstall the Qualys Helm chart (qualys-tc) from the qualys namespace. This, in turn, uninstalls all CS Sensors present in that namespace.
    helm uninstall qualys-tc -n qualys
  2. Delete the namespace and all remaining resources.
    kubectl delete namespace qualys

Verification Steps

  1. Confirm the following command returns empty value.
    helm list -n qualys 
  2. Confirm that the following command returns response as "No resources found".
    kubectl get all -n qualys 

If you are using the latest Helm chart version 2.8.0 or later, the persistentStorage is set to false, there is no need to manually clean up persistent storage.

Scenario 2: CS sensors deployed in Kubernetes using a YAML file

Run the following command to uninstall the Qualys sensor using the YAML file.
kubectl delete -f <filename.yaml> -n qualys

<filename.yaml>: Qualys Container Security offers various YAMLs. The exact YAML filename depends on what was used during deployment. 

For example, if you want to unistall CS Sensor using qualys-sensor.yaml, run the following command.
kubectl delete -f qualys-sensor.yaml -n qualys


Verification Step
Confirm that the following command returns response as "No resources found".
kubectl get all -n qualys 

 

© 2026 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: June, 2026