Data Collection Formats

QScanner supports data collection in the following formats:

  • Changelist DB - This will be generated if --format db is used or any mode other than inventory-only is provided. QScanner generates an LZMA compressed db file. This can be uncompressed using unxz Linux utility.
  • JSON - This will be generated if --format json is used. This is enabled by default.
  • SBOM (Software Bill of Material)
    • SPDX (Software Package Data Exchange) 
      • SPDX JSON - By default, the output is generated in SPDX JSON format. This will be uploaded to your account on Qualys Cloud Platform.
      • SPDX TLV - Output is generated in SPDX Tag-value format. To generate this, use --format spdx-tlv.
    • CycloneDX - Output is generated in CycloneDx format. To generate this, use --format cyclonedx. QScanner currently supports CycloneDX schema version v1.5.

To generate inventory in multiple output formats, use  --format flag. All the output files are saved in the output directory.
The default output directory is $USER_HOME_DIR/qualys/qscanner/data/.
This can be overridden using --output-dir flag.

 

 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.