Quick Start
You can run QScanner using its Binary. This topic explains running a QScanner scan, and generating their respective outputs.
Using QScanner Binary
To run a vulnerability scan using QScanner Binary, follow the steps mentioned below.
- Download the latest QScanner Shell script from www.qualys.com/downloads/qscanner.
- Login to Qualys Cloud Platform and get the access token from CONFIGURATIONS > Access Token.
- To communicate with the Cloud Platform using QScanner, run
$ export QUALYS_ACCESS_TOKEN=<your-access-token>
- Run the following command to collect vulnerabilities.
$ ./qscanner --pod <POD name> image <Image name>
- A list of supported pods can be found in Appendix: POD Identifiers.
- You might need to provide --skip-verify-tls=true
flag if you are running in a proxy environment.
- For faster data collection you can make use of:
- Caching
- Storage Drivers
- Once data is collected, QScanner communicates (polls) with Qualys backend to fetch the vulnerability report. By default, this polling happens every 60 seconds, but it is configurable using the --poll-wait-interval
flag.
Sample Output
$ ./qscanner --pod US3 image centos
____ _____
/ __ \ / ___/ _____ ____ _ ____ ____ ___ _____
/ / / / \__ \ / ___/ / __ `/ / __ \ / __ \ / _ \ / ___/
/ /_/ / ___/ / / /__ / /_/ / / / / / / / / // __/ / /
\___\_\ /____/ \___/ \__,_/ /_/ /_/ /_/ /_/ \___/ /_/
By Qualys | version: 4.2.0-1
2024-08-26T11:57:54.034+0530 INFO New instance of qscanner-4.2.0-1 started with invocation ID fc90dc02-6d29-4642-96d0-5090fa5fb467
2024-08-26T11:57:54.034+0530 INFO Fetching image details
2024-08-26T11:57:57.278+0530 INFO Image source: remote
2024-08-26T11:57:58.830+0530 INFO Starting Metadata scan
2024-08-26T11:57:58.830+0530 INFO Metadata scan completed in 304.397µs
2024-08-26T11:57:58.830+0530 INFO Starting [os sca] scan
2024-08-26T11:58:02.784+0530 INFO [os sca] scan completed in 3.953913365s
2024-08-26T11:58:02.785+0530 INFO OS detected: CentOS Linux 8.4.2105
2024-08-26T11:58:02.785+0530 INFO OS package(s) detected: 180
2024-08-26T11:58:02.785+0530 INFO Technologies detected: 0
2024-08-26T11:58:02.785+0530 INFO Language package(s) detected: 0
2024-08-26T11:58:02.785+0530 INFO All scans completed in 3.954812719s
2024-08-26T11:58:02.787+0530 INFO Scan Result JSON created at /root/qualys/qscanner/data/5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6-ScanResult.json
2024-08-26T11:58:02.787+0530 INFO Creating changelist
2024-08-26T11:58:02.892+0530 INFO Compressed Changelist DB created at /root/qualys/qscanner/data/5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6-ChangeList.db.xz
2024-08-26T11:58:02.892+0530 INFO Uploading changelist /root/qualys/qscanner/data/5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6-ChangeList.db.xz
2024-08-26T11:58:04.338+0530 INFO Changelist uploaded successfully
2024-08-26T11:58:04.339+0530 INFO Skip fetching of policy evaluation result
2024-08-26T11:58:04.339+0530 INFO Fetching vulnerability report
2024-08-26T11:59:05.582+0530 INFO Vulnerability report received
2024-08-26T11:59:05.582+0530 INFO 1 vulnerability found!
2024-08-26T11:59:05.582+0530 INFO Severity 5: 1
2024-08-26T11:59:05.582+0530 INFO Severity 4: 0
2024-08-26T11:59:05.582+0530 INFO Severity 3: 0
2024-08-26T11:59:05.582+0530 INFO Severity 2: 0
2024-08-26T11:59:05.582+0530 INFO Severity 1: 0
Vulnerabilities:
2024-08-26T11:59:05.585+0530 INFO For more details refer /root/qualys/qscanner/data/5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6-Report.sarif.json
2024-08-26T11:59:05.585+0530 INFO Skipping policy evaluation