Configure QCSA Image

Before proceeding with this step, ensure that the Shared and Private directories are created on the Linux Host:

  1. Download QCSA Image
  2. Configure QCSA Image in Linux Host 

Download QCSA Image

To create a QCSA Containerized Scanner, you need a QCSA image. To download the QCSA image, perform the following steps.

  1. Log into the Qualys Enterprise TruRisk™ Platform.
  2. Choose the Vulnerability Management application.
  3. Go to Scans > Appliance.
  4. Select New > Containerized Scanner Appliance.
  5. Click Download Image Only.
  6. Select the Download option in the File Location for Docker Container in the Distribution Package

    The file is downloaded with the name QCSA-x.x.x.tar.xz

    Containerized Scanner Appliances.

Configure QCSA Image in Linux Host 

  1. Copy the downloaded QCSA file to the Linux host.
  2. Load the QCSA image from QCSA-x.x.x.tar.xz using the following command:

    docker load <qcsa-x.x.x.tar.xz

    Sample

    [root@localhost ~]# docker load < qcsa-1.2.14-1.tar.xz
cb97a8a5516f: Loading layer [==================================================>]  258.5MB/258.5MB
c23a8cb0ebde: Loading layer [==================================================>]  3.584kB/3.584kB
2e944a244219: Loading layer [==================================================>]  10.24kB/10.24kB
417c906b6960: Loading layer [==================================================>]  438.3kB/438.3kB
b8482ffa5c32: Loading layer [==================================================>]  86.64MB/86.64MB
6691426f6723: Loading layer [==================================================>]  25.09kB/25.09kB
4aeed0e93e54: Loading layer [==================================================>]  1.992MB/1.992MB
992cf61a6f0b: Loading layer [==================================================>]   2.56kB/2.56kB
cdfd11e805d2: Loading layer [==================================================>]   2.56kB/2.56kB
934be6ed065e: Loading layer [==================================================>]  13.33MB/13.33MB
48534e9e1084: Loading layer [==================================================>]  157.6MB/157.6MB
Loaded image: localhost/qualys/qcsa:latest
[root@localhost ~]#
  3. Check the image on the Linux host using the following command:
    docker image ls

    Sample

    [root@localhost ~]# docker image ls
REPOSITORY              TAG       IMAGE ID       CREATED        SIZE
localhost/qualys/qcss   latest    127b3c09cd21   3 months ago   424MB
[root@localhost ~]#
 

  • The sample commands utilize Docker Engine as the container runtime, but they can also be executed using Podman.

  • A low cgroups PID limit (total number of processes and threads to run inside a container) on a Linux host may prevent the QCSA containerized scanner from executing larger scans. Running Containerized scanner with option '--pids-limit -1', this pids limit can be removed, or running containerized scanner with option '-e DISREGARD_PID_LIMIT=yes' will override the pids limit check.

For detailed information on the QCSA command parameters used in examples, refer to Containerized Command Components.

Next Step

Step 2: Generate Personalization Code

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.