Submit Finding Report Request API

POST/etm/api/rest/v1/reports/findings

Use this API to request finding reports in JSON, CSV, or Parquet formats. Currently, only JSON format is supported.

Input ParametersInput Parameters

Parameter	Mandatory/Optional	Data Type	Description
reportFormat	Mandatory	String	Use JSON as report format.
name	Optional	String	Provide name of the report.
description	Optional	String	Provide description of the report.
assetQql	Optional	String	Filter assets based on asset QQL query.
findingsQql	Optional	String	Filter the Findings based of findings QQL query.
Authorization	Mandatory	String	Authorization token to authenticate to the Qualys Enterprise TruRisk Platform Prepend token with Bearer and one space. For example - Bearer authToken

Parameter

Mandatory/Optional

Data Type

Description

reportFormat

Mandatory

String

Use JSON as report format.

name

Optional

String

Provide name of the report.

description

Optional

String

Provide description of the report.

assetQql

Optional

String

Filter assets based on asset QQL query.

findingsQql

Optional

String

Filter the Findings based of findings QQL query.

Authorization

Mandatory

String

Authorization token to authenticate to the Qualys Enterprise TruRisk Platform

Prepend token with Bearer and one space.

For example - Bearer authToken

SampleSample

API Request

curl -X POST 
'<qualys_base_url>/etm/api/rest/v1/reports/findings'
--header 'Content-Type: application/json'
--header 'Authorization: Bearer <JWT Token>'
--data '{
    "name": "Finding Report2123Report1234567report8",
    "description": "Test Report description",
    "reportFormat": "JSON",
    "assetQql" : "asset.assetID:341133",
    "findingsQql": "finding.vendorProductName: `Spotlight`"
}'

Response

{
  "id":"283593f9-b295-45d1-a37c-e04dd26b02e9",
  "name":"Finding Report",
  "description":"Test Report description",
  "reportFormat":"JSON",
  "assetQql":"",
  "findingsQql":"(finding.type: Vulnerability) and ((finding.severity:`1` and finding.riskFactor.rti:`Easy_Exploit`) and (finding.typeDetected: [`Confirmed`, `Potential`, `Sensitive Content`] and finding.status: [`NEW`, `ACTIVE`, `REOPENED`] and finding.disabled: FALSE and finding.ignored: FALSE))",
  "status":"REQUESTED",
  "created":"2024-12-17T15:15:58.5426457",
  "createdBy":{
    "id":"e254d3ed-0dbf-7207-81c9-790785f0f2a5",
    "firstName":"Automation",
    "lastName":"User",
    "username":"john_doe"
  },
  "updated":"2024-12-17T15:15:58.5426457",
  "updatedBy":{
    "id":"e254d3ed-0dbf-7207-81c9-790785f0f2a5",
    "firstName":"Automation",
    "lastName":"User",
    "username":"john_doe"
  },
  "expirationDate":"2026-01-17T15:15:58.2899838"
}