Add Policies to CIPS
After enabling the CIPS service for your subscription and integrating your storage platform with Qualys, you need to add the required policies to CIPS using the dedicated APIs. Once you add the policies, CIPS proactively retrieves the posture data from Policy Compliance (PC) and pushes it to your storage in near real time in JSON format.
The posture data is transferred only for the policies that are added to CIPS.
You can filter the posture data transferred to your storage by defining a filter configuration in CIPS. For example, you can define a filter to get the data for only 'Failed' postures, which reduces the filtering effort during post-processing.
Qualys provides you with dedicated APIs for adding policies to CIPS, deleting policies, getting a list of policies added to CIPS, managing filter configuration, and so on.
Steps to Add Policies
You need to perform the following steps before CIPS starts sending posture data to your cloud storage platform.
- Add the required policies to CIPS using the ‘Add Policy’ API. For more information, refer to Add Policy.
Note: You can add up to 100 policies to CIPS.
- Create a filter to limit the posture data transferred to your cloud storage platform, using the ‘Create Filter Configuration’ API.
You can filter posture data based on the posture status (Failed, Passed, or Error) and choose whether to exclude evidence data. If no filter is created, all posture data for the added policies is transferred.
- Run a PC scan.
As the scan runs and generates posture data, CIPS proactively retrieves it and pushes it to your cloud storage.
CIPS synchronizes with the filter configuration every two hours. Therefore, any modification to the filter configuration takes effect in CIPS after 0 to 2 hours, depending on how long before the next synchronization run you modified the filter.