Stop and Re-run Containerized Scanner

Running Containerized Scanner can be stopped or killed and recreated.

To stop the running Containerized Scanner, use the command #docker container stop <Containerized Scanner Name/Containerized Scanner Container ID>.

Use the following example:

Sample

[root@localhost ~]# docker container ls -a
CONTAINER ID  IMAGE                                                     COMMAND     CREATED        STATUS        PORTS       NAMES
75e4b6c3e253  art-hq.intranet.qualys.com:5001/dev-docker/QCSA:1.0.30-1  default     6 seconds ago  Up 6 seconds              Qualys_Container
[root@localhost ~]#
[root@localhost ~]# docker container stop Qualys_Container
Qualys_Container
[root@localhost ~]#
[root@localhost ~]# docker container ls -a
CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES
[root@localhost ~]#

If the Containerized Scanner is not stopped/killed totally and exited, remove the exited Containerized Scanner using command #docker container rm <Containerized Scanner Name/Containerized Scanner Container ID>.

Use the following example:

Sample

[root@bhp-docker ~]# docker container ls -a
CONTAINER ID   IMAGE                                             COMMAND                  CREATED         STATUS         PORTS     NAMES
dad6468a865b   art-hq.intranet.qualys.com:5001/dev-docker/QCSA   "/usr/bin/docker-ent…"   8 seconds ago   Up 7 seconds             QCSA-test-1
[root@bhp-docker ~]#
[root@bhp-docker ~]# docker container stop QCSA-test-1
QCSA-test-1
[root@bhp-docker ~]#
[root@bhp-docker ~]# docker container ls -a
CONTAINER ID   IMAGE                                             COMMAND                  CREATED          STATUS                     PORTS     NAMES
dad6468a865b   art-hq.intranet.qualys.com:5001/dev-docker/QCSA   "/usr/bin/docker-ent…"   20 seconds ago   Exited (0) 4 seconds ago             QCSA-test-1
[root@bhp-docker ~]#
[root@bhp-docker ~]# docker container rm QCSA-test-1
QCSA-test-1
[root@bhp-docker ~]#
[root@bhp-docker ~]# docker container ls -a
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@bhp-docker ~]#
  • A containerized scanner cannot be Re-run if it is in an exited state. It must be removed entirely.
  • Re-running an existing containerized scanner does not require a new code; the same personalization code can be reused.

 

Once the Containerized Scanner is stopped, it can be restarted without providing Environment Variables PERSONALIZATION_CODE=$PERSONALIZATION_CODE & QUALYS_URL.

Use the following example.

Sample

[root@localhost ~]# PERSONALIZATION_CODE=xxx5xxx1xxx0xx; NAME=Qualys_Container; docker run -d -v /usr/qualys/common:/usr/local/qualys:z -v /usr/qualys/private/$PERSONALIZATION_CODE:/usr/local/qualys/admin/etc:z --name "$NAME" 6715167e4412
fa81afa51370f228838939c9fa395dba0015bfb6bfd282357f72ae68a587d8c5
[root@localhost ~]#

For any recreation of the Containerized Scanner, custom parameters for existing configurations, such as custom root CA, proxy, and many more, are required.

 

  • The sample commands utilize Docker Engine as the container runtime, but they can also be executed using Podman.

  • The default PID limit (total number of processes and threads to run inside a container) for Podman is 2048. If the Docker host already has active processes, this limit may prevent the QCSA containerized scanner from running larger scans. To avoid this restriction when using Podman, we recommend running the QCSA containerized scanner with the '--pid-limit -1' option.

For detailed information on the QCSA command parameters used in examples, refer to Containerized Command Components.

Related Topics

Understand the logs in Containerized Scanner

Docker Host Maintenance

Manage Containerized Scanner

Troubleshooting

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.