We automatically create tags for you. Business Units | Asset Groups | Cloud Agent | Internet Facing Assets | Passive Sensor
- Unmanaged: All passively sensed assets that do not have a cloud agent or have not been scanned by Qualys scanner have this tag.
- Passive Sensor: All assets reported by the passive sensor appliance have this tag.
- ICS_OCA: The assets sensed from project files uploaded by the user in the Industrial Control System (ICS) module have this tag.
Internet Facing Assets
We create the Internet Facing Assets tag for assets with specific IP address in defined in the tag. We automatically tag assets that matches this pre-defined IP address range in the tag. You can use this tag to prioritize vulnerabilities in VMDR reports.
You can edit 'Internet Facing Tags' and evaluate these tags with "Evaluate Rule on Creation" check-box.
We create the Cloud Agent tag with child tags for the cloud agents in your account. All the cloud agents are automatically assigned Cloud Agent tag by default.
A child tag can be:
- Location specific agents
- Machine specific agents
We create the tag Asset Groups with child tags for the asset groups in your account. Assets in an asset group are automatically assigned the tag for that asset group.
If you have an asset group called West Coast in your account, then you'll have a tag called West Coast.
We create the Business Units tag with child tags for the business units in your account. Assets in a business unit are automatically assigned the tag for that BU.
A child tag can be:
- Unassigned Business Unit
- A custom business unit name, when a custom BU is defined in your account
The DNS hostnames in the asset groups are automatically assigned the tag for that asset group.
For example, if you add DNS hostname qualys-test.com to My Asset Group (asset group) in the Vulnerability Management (VM) application, then we'll add the My Asset Group tag to DNS hostname qualys-test.com.
You'll see the tag tree here in CyberSecurity Asset Management (CSAM) and in apps in your subscription. We present your asset tags in a tree with the high level tags like the Business Units tag, Cloud Agent tag and the Asset Groups tag at the top-most level and child tags like those for individual business units, cloud agents and asset groups as branches. Show me
As tags are added and assigned, this tree structure helps you manage your assets by mimicking organizational relationships within your enterprise.
A benefit of the tag tree is that you can assign any tag in the tree to a scan or report.
You'll add a child tag from Quick Actions menu for a tag. You can create maximum 8 tag levels and 100 child tags for a parent tag.
When you save your dynamic tag, we apply it to all scanned hosts that match the rule you defined. You can filter the assets list to show only those that match your new tag rule.
When you save your static tag, you can apply it to your asset from the Inventory tab.
When you create a tag, you can configure a tag rule for it. The rule is used to evaluate asset data returned by scans. When asset data matches a tag rule we'll automatically add the tag to the asset. Whenever you add or edit a dynamic tag based on any rule, if the "Evaluate Rule on Creation" check box is not selected, the tag evaluation for a given asset will happen only after that asset is scanned later.
Whenever a new dynamic tag is created or an existing tag is modified, the tags are automatically queued for auto-evaluation. You need not manually initiate a rule evaluation.
Go to the Tags tab and click View under Quick Actions menu for a tag. The view mode for screens displays with tag details and activity details for the tag. You can edit, mark as favourite, and delete the tag from this mode from Actions menu.
Once you’ve created or updated a tag with a dynamic rule, re-evaluating the tag can take a while in a large environment. However, you can see your latest tag re-evaluation on the tag list page under the REEVAL STATUS tab.
The following are the statuses you can view on the tag details page.
In progress: In this state, the assets are getting attached to the tag. The tag is evaluating, and assets are being added to the tag.
Completed: When all the assets are added to the tag and the process is completed. The tag has finished evaluating the assets.
To view all the action log details, go to the Tags tab and click View under Quick Actions menu > Click Action Log.
Go to the Tags tab and click Move to root under Quick Actions menu for a child tag. Once you perform 'Move to root' action, child tag will be moved to parent tag and carries all the children under it while moving to root.
Go to the Tags tab and you can see Filters dropdown. You can filter the list of tags using favourite, not in use, and in scope checkbox. You can also filter tags based on the color applied to tags.
If there are tags you assign frequently, adding them to favorites can save time. You can mark a tag as a favorite when adding a new tag or when editing an existing one. If a tag is already favourite, you can see an option to remove from favourite.
It's easy. Say you want to find assets with the tag "Windows All".
- Go to the Assets tab under Inventory menu, enter "tags" (no quotes) in the search field
- Select "tags.name" and enter your query: tags.name: Windows All
- Then press Enter button from your keyboard
You can also find the list of assets from Tags menu. From Quick Actions menu for a tag, click Find Assets and you can see list of assets associated with the tag.
Its easy to group your cloud assets according to the cloud provider they belong to. Tags are applied to assets found by cloud agents (AWS, AZURE, GCP), AssetView (EC2, Azure connectors), and CloudView (AWS, Azure, GCP connectors).
The query used during tag creation may display a subset of the results shown when the same query is run in the Assets tab. This is because the query in the Tag Creation wizard is always run in the context of the selected cloud provider.
For example the following query returns different results in the Tag Creation wizard and Asset search:
not aws.ec2.publicIpAddress is null
You must provide the cloud provider information in the Asset search to get results for a specific cloud provider.
provider:AWS and not aws.ec2.publicIpAddress is null
Similarly, use provider:Azure and provider:GCP for the respective cloud providers.
Tag your Amazon EC2 instances
Tag your Microsoft Azure instances
Tag your Google Cloud Platform instances