Submit Finding Report Request API

POST/etm/api/rest/v1/reports/findings

Use this API to request finding reports in JSON, CSV, or Parquet formats. Currently, only JSON format is supported.

Input ParametersInput Parameters

Parameter

Mandatory/Optional

Data Type

Description

reportFormat Mandatory String Use JSON as report format.
name Optional String Provide name of the report.
description Optional String Provide description of the report.
assetQql Optional String Filter assets based on asset QQL query.
findingsQql Optional String Filter the Findings based of findings QQL query.

Authorization 

Mandatory

String

Authorization token to authenticate to the Qualys Enterprise TruRisk Platform

Prepend token with Bearer and one space.

For example - Bearer authToken

SampleSample

API Request

curl -X POST 
'<qualys_base_url>/etm/api/rest/v1/reports/findings'
--header 'Content-Type: application/json'
--header 'Authorization: Bearer <JWT Token>'
--data '{
    "name": "Finding Report2123Report1234567report8",
    "description": "Test Report description",
    "reportFormat": "JSON",
    "assetQql" : "asset.assetID:341133",
    "findingsQql": "finding.vendorProductName: `Spotlight`"
}'
    

Response

{
  "id":"283593f9-b295-45d1-a37c-e04dd26b02e9",
  "name":"Finding Report",
  "description":"Test Report description",
  "reportFormat":"JSON",
  "assetQql":"",
  "findingsQql":"(finding.type: Vulnerability) and ((finding.severity:`1` and finding.riskFactor.rti:`Easy_Exploit`) and (finding.typeDetected: [`Confirmed`, `Potential`, `Sensitive Content`] and finding.status: [`NEW`, `ACTIVE`, `REOPENED`] and finding.disabled: FALSE and finding.ignored: FALSE))",
  "status":"REQUESTED",
  "created":"2024-12-17T15:15:58.5426457",
  "createdBy":{
    "id":"e254d3ed-0dbf-7207-81c9-790785f0f2a5",
    "firstName":"Automation",
    "lastName":"User",
    "username":"john_doe"
  },
  "updated":"2024-12-17T15:15:58.5426457",
  "updatedBy":{
    "id":"e254d3ed-0dbf-7207-81c9-790785f0f2a5",
    "firstName":"Automation",
    "lastName":"User",
    "username":"john_doe"
  },
  "expirationDate":"2026-01-17T15:15:58.2899838"
}