Register Integration

Registers an integration.

POST /partner-integration/vm

Input ParametersInput Parameters

Parameter

Optional

/Mandatory

Data Type

Description

Name={value}

 Mandatory  String

Provide a unique name for the integration in the API request. The maximum length allowed for the name is 50 characters.

integrationType={value}

 Mandatory  String

Provide the inetgrationType as 's3-object-storage' for NetApp Integration.

accessKey={value}

 Mandatory  String

Provide the accessKey of the NetApp bucket where the findings are to be sent.

secretKey={value}

 Mandatory  String

Provide the secreteKey of the NetApp bucket where the findings are to be sent.

storageUrl={value}

 Mandatory  URL

Provide the Storage URL of the NetApp bucket.

bucket={value}

 Mandatory  String

Provide the name of the NetApp bucket to which the findings are to be sent.

region={value}

 Mandatory  String

Provide the region on which the NetApp bucket is hosted.

sendResultSection={true|false}

 Optional Boolean

Set this to true to include the result section in the finding. If you want to exclude the result section, set this parameter to false.

By default, the resultSectionNeeded parameter is configured to false.

sendVulnInfo={true|false}

 Optional Boolean

Set this to true if you need the vulnerability information. If you want to exclude the vulnerability information, set this parameter to false.
‎By default, the sendVulnInfo parameter is configured to false.

compressData={true|false}

 Optional Boolean

Set this to true to compress the data in the response. It saves on disk and network IO. If you want to exclude the compression, set this parameter to false.

By default, the compressData parameter is configured to true.

sendAlerts={true|false}

  Optional Boolean

Set to true to receive ProActive alert notifications.

errorEmails=[“value”]

 Optional Boolean

When sendAlerts is set to true, provide the email list for ProActive Alert notifications.
Add upto a List of  maximum 5 email addresses as comma-separated values.

filterQuery

 Optional  String

Filter vulnerabilities and assets using the supported tokens.

Filter Query Tokens

The Qualy Query Language is used to build search queries and fetch information from the Qualys database. You can pick the tokens from our repository and build your own query to find the relevant information.

For example, the following query fetches assessments of a specified qid, discovers ignored vulnerabilities and searches from the specified range of dates.

"vuln" : "qId: 11547 ignored: true AND lastUpdate: [2023-07-06 .. 2023-07-07]"

The below query fetches information of a specified asset id within the provided IP range.

"asset" : "assetUuid: `151334c4-3811-40b5-ba92-cfd0064eb9f4` AND ip: (1.1.1.1 .. 5.5.5.5)"

Learn more about building search queries using the Qualys Query Language (QQL) here.

The 'Now' keyword is not supported for QQL currently. Building search queries with it cannot produce any results.

The following tokens can be used to create the filterQuery for vulnerabilities and assets.

Vulnerability Filter Tokens

The tokens listed below can be used to create the filterQuery for vulnerabilities.

Token

Data Type

qid

LONG

port

LONG

ignored

BOOLEAN

Disabled

BOOLEAN

filterQuery

Optional

ssl

BOOLEAN

protocol

STRING

timesFound

LONG

status

STRING

firstFound

STRING

lastUpdate

STRING

lastProcessed

STRING

lastReopened

STRING

lastFixed

STRING

lastFound

STRING

lastTest

STRING

Asset Filter Tokens:

The tokens listed below can be used to create the filterQuery for assets. 

Token

Data Type

assetId

LONG

assetUuid

STRING

hostId

LONG

netBios

STRING

dns

STRING

ip

STRING

os

STRING

trackingMethod

STRING

SampleSample

API Request

"curl -H ‘Authorization":"Bearer <token>’""Content-Type:application/json""<qualys_gateway_url>/partner-integration/vm --data""@integration.json"

'integration.json' contains the request POST data.

Request POST Data (integration.json)

{
   "name":"<Integration_name>",
   "integrationConfig":{
      "integrationType":"s3-object-storage",
      "accessKey":"<accesskey of the netapp bucket>",
      "secretKey":"<secreteKey of the NetApp bucket>",
      "storageUrl":"<storageURL of the NetApp bucket>",
      "bucket":"<bucketName>",
      "region":"<region>"
   },
   "moduleConfig":{
      "sendResultSection":true,
      "sendVulnInfo":true,
      "compressData":true
   },
   "sendAlerts":true,
   "errorEmails":[
      "email address 1",
      “email address 2”
   ],
   "filterQuery":{
      "asset":"assetId: <assetID>",
      "vuln":"qid: <qId>"
   }
}

Output

{
   "integrationId":"<integration ID>",
   "integrationValidated":false,
   "sendAlerts":true
}

 

Related Topic

Update Integration