Manage Asset Tags

 

Tags we've defined for you

How do I view tag details?

Tagging DNS hostnames

How do I view whether the tag re-evaluation is completed or not while creating or updating a tag with a dynamic rule?

Tell me about the tag tree

What assets have a tag?

Saving tags

Tags for cloud instances

Tell me about tag rules

Tell me about tag filters

How do I move tags to root?

Tell me about favorites

 


Tags we've defined for you

We automatically create tags for you. Business Units | Asset Groups | Cloud Agent | Internet Facing Assets | Passive Sensor

Tagging DNS hostnames

The DNS hostnames in the asset groups are automatically assigned the tag for that asset group.

For example, if you add DNS hostname qualys-test.com to My Asset Group (asset group) in the Vulnerability Management (VM) application, then we'll add the My Asset Group tag to DNS hostname qualys-test.com.

Tell me about the tag tree

You'll see the tag tree here in CyberSecurity Asset Management (CSAM) and in apps in your subscription. We present your asset tags in a tree with the high level tags like the Business Units tag, Cloud Agent tag and the Asset Groups tag at the top-most level and child tags like those for individual business units, cloud agents and asset groups as branches. Show me

As tags are added and assigned, this tree structure helps you manage your assets by mimicking organizational relationships within your enterprise.

A benefit of the tag tree is that you can assign any tag in the tree to a scan or report.

Adding Child Tags

You'll add a child tag from Quick Actions menu for a tag. You can create maximum 8 tag levels and 100 child tags for a parent tag.

Saving tags

When you save your dynamic tag, we apply it to all scanned hosts that match the rule you defined. You can filter the assets list to show only those that match your new tag rule.

When you save your static tag, you can apply it to your asset from the Inventory tab.

Tell me about tag rules

When you create a tag, you can configure a tag rule for it. The rule is used to evaluate asset data returned by scans. When asset data matches a tag rule we'll automatically add the tag to the asset. Whenever you add or edit a dynamic tag based on any rule, if the "Evaluate Rule on Creation" check box is not selected, the tag evaluation for a given asset will happen only after that asset is scanned later.

Whenever a new dynamic tag is created or an existing tag is modified, the tags are automatically queued for auto-evaluation. You need not manually initiate a rule evaluation.

How do I view tag details?

Go to the Tags tab and click View under Quick Actions menu for a tag. The view mode for screens displays with tag details and activity details for the tag. You can edit, mark as favourite, and delete the tag from this mode from Actions menu.

How do I view whether the tag re-evaluation is completed or not while creating or updating a tag with a dynamic rule?

Once you’ve created or updated a tag with a dynamic rule, re-evaluating the tag can take a while in a large environment. However, you can see your latest tag re-evaluation on the tag list page under the REEVAL STATUS tab.

The following are the statuses you can view on the tag details page.

In progress: In this state, the assets are getting attached to the tag. The tag is evaluating, and assets are being added to the tag.

Completed: When all the assets are added to the tag and the process is completed. The tag has finished evaluating the assets.

How do I view Action logs details?

To view all the action log details, go to the Tags tab and click View under Quick Actions menu > Click Action Log.

How do I move tags to root?

Go to the Tags tab and click Move to root under Quick Actions menu for a child tag. Once you perform 'Move to root' action, child tag will be moved to parent tag and carries all the children under it while moving to root.

Tell me about tag filters?

Go to the Tags tab and you can see Filters dropdown. You can filter the list of tags using favourite, not in use, and in scope checkbox. You can also filter tags based on the color applied to tags.

Tell me about favorites

If there are tags you assign frequently, adding them to favorites can save time. You can mark a tag as a favorite when adding a new tag or when editing an existing one. If a tag is already favourite, you can see an option to remove from favourite.

How do I find out what assets have a tag?

It's easy. Say you want to find assets with the tag "Windows All".
- Go to the Assets tab under Inventory menu, enter "tags" (no quotes) in the search field
- Select "tags.name" and enter your query: tags.name: Windows All
- Then press Enter button from your keyboard

You can also find the list of assets from Tags menu. From Quick Actions menu for a tag, click Find Assets and you can see list of assets associated with the tag.

Tags for cloud instances

Its easy to group your cloud assets according to the cloud provider they belong to. Tags are applied to assets found by cloud agents (AWS, AZURE, GCP), AssetView (EC2, Azure connectors), and CloudView (AWS, Azure, GCP connectors).

The query used during tag creation may display a subset of the results shown when the same query is run in the Assets tab. This is because the query in the Tag Creation wizard is always run in the context of the selected cloud provider.

For example the following query returns different results in the Tag Creation wizard and Asset search:

not aws.ec2.publicIpAddress is null

You must provide the cloud provider information in the Asset search to get results for a specific cloud provider.

provider:AWS and not aws.ec2.publicIpAddress is null

Similarly, use provider:Azure and provider:GCP for the respective cloud providers.

Tag your Amazon EC2 instances

Tag your Microsoft Azure instances

Tag your Google Cloud Platform instances