Add Policies to CIPS
After enabling the CIPS service for your subscription and integrating your storage platform with Qualys, you need to add the required policies to CIPS using the dedicated APIs. Once you add the policies, CIPS proactively retrieves the posture data from your PC and pushes it to your storage in near real-time in JSON format.
The posture data is transferred only for the policies added to CIPS.
By defining a filter configuration in CIPS, you can filter the posture data being transferred to your storage as required. For example, you can define a filter to get the data for only 'Failed' postures, reducing the filtering efforts during post-processing.
Qualys provides dedicated APIs for adding policies to CIPS, deleting policies, getting a list of policies added to CIPS, managing filter configuration, etc.
Steps to Add Policies
Before CIPS sends posture data to your cloud storage platform, perform the following steps.
- Add the required policies to CIPS using the ‘Add Policy’ API. For more information, see Add Policy.
You can add up to 100 policies to CIPS.
- Create a filter to limit the posture data transferred to your cloud storage platform using the ‘Create Filter Configuration’ API. For more information, see Create Filter Configuration.
You can filter posture data based on its status (Failed, Passed, or Error) and whether to exclude evidence data. If no filter is created, the entire posture data for the added policies is transferred.
- Run a PC scan.
As the scan runs and generates posture data, CIPS proactively retrieves it and pushes it to your cloud storage.
CIPS synchronizes with the filter configuration every two hours. Therefore, any modifications to the filter configuration reflect in CIPS after 0 to 2 hours, depending on when you have modified the filter before the next synchronization run.