Troubleshooting

To troubleshoot or identify errors with your Qualys Virtual Scanner Appliance, retrieve the scanner’s system logs or capture a screenshot of a crashed instance.

Here are some methods for achieving this on the AWS cloud platform:

  • EC2 Serial Console
    It is used for retrieving system logs in real time and is only available on Nitro-based instance types. This is the recommended and most reliable method for troubleshooting.
  • Get System Log
    It returns 64 KB of buffered information that was posted shortly after an instance transition state such as start, stop, reboot, or terminate.
  • Instance Console Screenshot
    It is used for capturing a screenshot of a running instance or an unresponsive instance 

EC2 Serial Console 

You can access the latest serial console output at any time throughout the instance lifecycle. The serial console session through instance reboot and stop. During a reboot, you can view all boot messages since instance bootup.  

Access to the serial console is not available by default. Your organization must grant account access and configure IAM policies to allow your users access. For more information, refer to Configure access to the EC2 Serial Console.

EC2 serial console option is only supported on instances built on the AWS Nitro System.  

To connect to the EC2 serial console of your scanner instance go to  Actions > Monitor and troubleshoot > EC2 serial console.

Select EC2 serial console and then press Connect.

Only 1 active serial console connection is supported per instance.

Example of serial console output:

To capture and save a 64KB chunk of the scanner’s system log, you can use “aws ec2 get-console-output" CLI command.

For this purpose, click   icon to open EC2 CloudShell, a browser-based shell, where you can execute AWS CLI commands.

Then run the following AWS CLI command:

aws ec2 get-console-output --instance-id <instance id> --latest --output text >scanner.log
This command captures the most recent 64KB of your scanner’s system log and saves it to a file.  

Option ‘--latest’ is supported only on instance types that use the Nitro Hypervisor. 
For non-Nitro instance types the above command returns buffered information that was posted shortly after an instance transition state (start, stop, reboot, or terminate).

Optionally, you can download the file onto your local machine for further examination.

Go to Actions > Download in the CloudShell menu and type the name of the file you want to download.

Get System Log

For a scanner running on a non-Nitro instance type, you can use Get system log. However, the posted output does not update continuously, making this method unreliable for troubleshooting the scanner.

The EC2 instance console output displays the console output of your instance. It returns buffered information that was posted shortly after an instance transitions states  such as start, stop, reboot, and terminate.

To get the console output of your Qualys scanner instance, go to Actions > Monitor and troubleshoot > Get system log.

Only the most recent 64 KB of posted output is stored, which is available for at least 1 hour after the last posting. If needed, the file can be downloaded for further analysis.   

Instance Console Screenshot

You can capture and download a screenshot of the instance console while the instance is running or if it has crashed.

To capture a screenshot of your Qualys scanner go to Actions > Monitor and troubleshoot >  Get instance screenshot.

Click Download to download the Instance screenshot in JPEG format.

Instance System Status Checks

Amazon EC2 performs automated checks on every running EC2 instance to identify hardware and software issues.Amazon EC2 performs automated checks on every running EC2 instance to identify hardware and software issues. These checks detect underlying problems with your instance that require AWS involvement to repair. If a system status check fails, you can choose to wait for AWS to fix the issue, or you can resolve it yourself.

For instances using Amazon EBS, you can manually stop and start the instance, which usually results in the instance being moved to a new host. If your scanner is unexpectedly rebooting or shutting down, you may want to consider changing the instance type for this particular instance.

We recommend Qualys scanners to be deployed on the current generation instance types

Here is an example of an EC2 instance with passed Status checks.

The following are examples of problems that can cause system status checks to fail:

  • Loss of network connectivity
  • Loss of system power
  • Software issues on the physical host
  • Hardware issues on the physical host that affect network reachability.

For any errors and troubleshooting tips, visit Scanner Appliance Troubleshooting and FAQs.

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.