Qualys App for Splunk Enterprise with TA
To view what is new in this release, refer to the Release Notes.
Welcome to the Qualys App for Splunk Enterprise with TA!
The Qualys Technology Add-On (TA) for Splunk is a tool that can be used to access data from Qualys Enterprise TruRisk™ Platform, specifically Vulnerability Management (VM), Web Application Scanning (WAS), Policy Audit (PA), Container Security (CS), File Integrity Monitoring (FIM), Endpoint Detection & Response (EDR), VMDR Mobile earlier known as Security Enterprise Mobility (SEM), Policy Compliance Reporting Services (PCRS), CyberSecurity Asset Management (CSAM), Certificate View, and TotalCloud. It uses modular input to fetch data and index it, making it searchable in applications such as Splunk Enterprise Security, VM, WAS, and so on.
The Qualys Technology Add-On for Splunk enables security teams to consolidate vulnerability and risk data from the Qualys Enterprise TruRisk Platform into Splunk for searchable analysis. By fetching data and indexing it, the connector provides centralized visibility across multiple security domains, including vulnerability management, web application scanning, compliance auditing, and endpoint detection. This integration eliminates manual data-collection workflows and enables teams to correlate security findings with other enterprise data within Splunk's investigation framework. The connector's support for various Qualys modules means security practitioners can investigate threats and compliance posture from a single platform rather than juggling disparate tools.
The application uses Splunk’s Application Development framework and leverages existing Qualys APIs.
Policy Audit (PA) is an enhanced version of Policy Compliance (PC). Depending on your subscription, you may view Policy Audit (PA) or Policy Compliance (PC) in your application.
Prerequisites
For using the Splunk app, the following are the requirements:
- Valid Qualys account with API access
- Splunk Enterprise or Cloud account
- Computer with Linux