Update Azure Storage Blob Integration

Once you enable the Azure Storage Blob integration, you can update the name, connectionString, baseCategory, resultSectionNeeded, and other parameters of the Azure Storage Blob with Qualys.

PUT /partner-integration/azure/storage-blob/{integrationId}/vm

Input ParametersInput Parameters

Platform

Mandator

/Optional

Data Type

IP Address

connectionString={value}

Optional

String

Provide the connection string assigned to the container in Azure Storage Blob.

minSeverity={value}

Optional

Text

The minimum severity level of the vulnerabilities fetched from Qualys (VM/VMDR app) is to be posted on the Azure Storage Blob.

For example, if you set the value to 1, all findings with severity levels 1 to 5 are fetched and available on Azure Storage Blob.

baseCategory={IG|Potential| Confirmed}

Optional

Text

The category of the vulnerabilities fetched from Qualys (VM/VMDR app) is to be posted on Azure Storage Blob. The valid values are IG, Confirmed, and Potential.

  • By default, it is configured to Confirmed. In this case, only confirmed vulnerabilities are included.
  • If you configure the baseCategory as Potential, both Potential and Confirmed vulnerabilities are included.
  • If you configure the baseCategory as IG, all three categories are included.

name={value}

Optional

Text

Provide a unique name for the integration in the API request. The maximum length allowed for name is 50 characters.

resultSectionNeeded={true|false}

Optional

Boolean

Set this to true to include the result section in the findings.

sendVulnInfo={true|false}

Optional

Boolean

Set this to true if you need the vulnerability information.

compressData={true|false}

Optional

Boolean

Set this to true to compress the data in the response. Batch and compress data saves on disk and network IO.

containerName={value}

Optional

Text

Provide the name of the container, which was created under Azure Storage Blob account for this integration. You can find the vulnerability findings and vulnerability information in this container.

filterQuery

Optional

Query

Filter vulnerabilities and assets using the supported tokens.

Filter Query Tokens

The tokens listed below can be used to create the filterQuery for vulnerabilities and assets.

Vulnerability Filter Tokens

The following table lists vulnerability filter tokens and their data types.

Token

Data Type

qid

LONG

port

LONG

ignored

BOOLEAN

Disabled

BOOLEAN

filterQuery

Optional

ssl

BOOLEAN

protocol

STRING

timesFound

LONG

status

STRING

firstFound

STRING

lastUpdate

STRING

lastProcessed

STRING

lastReopened

STRING

lastFixed

STRING

lastFound

STRING

lastTest

STRING

Asset Filter Tokens

The following table lists asset filter tokens and their data types.

Token

Data Type

assetId

LONG

assetUuid

STRING

hostId

LONG

netBios

STRING

dns

STRING

ip

STRING

os

STRING

trackingMethod

STRING

SampleSample

API Request

"curl -X PUT --header""Content-Type:application/json""<qualys_gateway_urls>/partner-integration/azure/storage-blob/{integrationId}/vm""--data""@integration.json""-H""\"Authorization: Bearer <token>"	  
	  

“integration.json” contains the request PUT data.

Request PUT Data (integration.json)

{
   "connectionString":"BlobEndpoint=https://user_john.blob.core.windows.net/;SharedAccessSignature=sv=2019-12-12&ss=b&srt=co&sp=rwx&se=2020-09-04T22:36:36Z&st=2020-09-04T14:36:36Z&spr=https&sig=key%ckd%3D",
   "minSeverity":4,
   "baseCategory":"Potential",
   "name":"Integration name",
   "resultSectionNeeded":true,
   "sendVulnInfo":true,
   "compressData":false,
   "containerName":"qualys-vm-findings"
}	  
	  

Output

{
   "message":"Azure Storage Blob VM integration successfully updated."
}