List exceptions visible to the user. This API is supported using PC.
Permissions - Click here for permissions info
|
Parameter |
Required/Optional |
Data Type |
Description |
|---|---|---|---|
|
action=list |
Required |
String |
Specify action to list the exceptions. |
|
echo_request={0|1} |
Optional |
Integer |
Specify 1 to view (echo) input parameters in the XML output. By default these are not included. |
|
exception_number={value} |
Optional |
Integer |
Show a specific exception by specifying a valid exception number. |
|
ip={value} |
Optional |
Integer |
Show exceptions associated with a specific host by specifying a host IP address. You may enter individual IP address that belong to the Policy Compliance module. |
|
assignee_id={value} |
Optional |
Integer |
Show exceptions with a certain assignee by specifying an assignee’ user ID. |
|
network_name={value} |
Optional |
String |
Show exceptions for a particular network by specifying the network name.
|
|
truncation_limit={value} |
Optional |
Integer |
Specify the maximum number of exceptions to be listed per request. When not specified, the truncation limit is set to 1000 records. You may specify a value less than the default (1-999) or greater than the default (1001-1000000). |
|
Exception numbers |
|
|
|
|
exception_numbers={value} |
Optional |
Integer |
Show a specific exception by specifying a valid exception number. Multiple entries are comma separated. An exception number range is specified with a hyphen (for example, 289-292). |
|
exception_number_min={value} |
Optional |
Integer |
Show only exceptions that have a exception number greater than or equal to the specified value. |
|
exception_number_max={value} |
Optional |
Integer |
Show only exceptions that have exception number less than or equal to the specified value. |
|
Status |
|
|
|
|
status={value} |
Optional |
Boolean |
Show exceptions with specified status value: pending, approved, rejected or expired. Learn more |
|
is_active={0|1} |
Optional |
Integer |
Show only exceptions that are active or inactive in the output. Specify 1 to show only active exceptions. Specify 0 to show only inactive exceptions. When unspecified, both active and inactive exceptions are shown. |
|
Policy/Control Info |
|
|
|
|
control_id={value} |
Optional |
Integer |
Show exceptions for a specific control by specifying valid control ID. If the value is set to 23, the matching control IDs may include 23, 234, 2343, 233. |
|
control_statement={value} |
Optional |
Integer |
Show exceptions for certain controls associated with a certain policy by specifying control statement. Partial control statement is also valid. |
|
details={Basic|All|None} |
Optional |
Boolean |
Show the requested amount of information for each control. A valid value is: Basic (default) - All details except comments history. None - Only exception numbers. All - All details including comments history. |
|
policy_id={value} |
Optional |
Integer |
Show exceptions for controls associated with a certain policy by specifying a valid policy ID. |
|
id_max={value} |
Optional |
Integer |
Show only SCAP policies which have a maximum SCAP policy ID value. A valid SCAP policy ID is required. |
|
technology_name={value} |
Optional |
String |
Show exceptions for controls with a certain technology by specifying the technology name. |
|
History |
|
|
|
|
created_by={value} |
Optional |
Integer |
Show exceptions that were created by a particular user by specifying the user ID. |
|
modified_by={value} |
Optional |
Integer |
Show exceptions that were modified by a particular user by specifying the user ID. |
|
created_after_date={date} |
Optional |
Integer |
Show exceptions created (requested) after the specified date. The valid date format is mm/dd/yyyy. |
|
updated_after_date={date} |
Optional |
Integer |
Show exceptions that were updated after the specified date. The valid date format is mm/dd/yyyy. |
|
expired_before_date={date} |
Optional |
Integer |
Show exceptions that will expire before the specified date. The valid date format is mm/dd/yyyy. |
|
expired_after_date={date} |
Optional |
Integer |
Show exceptions that will expire after the specified date. The valid date format is mm/dd/yyyy. |
Pending - An exception is in a Pending state when first requested by a user. Also, if a previously accepted or rejected exception is reopened, then it goes back to Pending.
Approved - An exception is in an Approved state when it is reviewed and accepted by an authorized user. You would accept an exception if it's determined that the host should be exempt from the specified control. As long as the host is exempt for the control, a status of PassedE appears in compliance reports. The status changes back to Failed when the exception expires.
Rejected - An exception is in a Rejected state when it is reviewed and rejected by an authorized user. You would reject an exception if it's determined that the host should not be exempt from the specified control. When an exception is rejected, a status of Failed continues to appear for the host/control in compliance reports.
Expired - An exception is in an Expired state when the exception was previously accepted but the time limit has been reached. When an exception is expired, a status of Failed appears again for the host/control in compliance reports.
API Request
curl -u "USERNAME:PASSWORD" -H "X-Requested-With: curl demo 2" -D headers.15 "https://<qualys_base_url>/api/2.0/fo/compliance/exception/?action=list&exception_number=58&details=All"XML Output
<?xml version="1.0" encoding="UTF-8" ?>
"https://<qualys_base_url>/api/2.0/fo/compliance/exception/exception_list_output.dtd">
<EXCEPTION_LIST_OUTPUT>
<RESPONSE>
<DATETIME>2018-01-15T11:26:34Z</DATETIME>
<EXCEPTION_LIST>
<EXCEPTION>
<EXCEPTION_NUMBER>58</EXCEPTION_NUMBER>
<HOST>
<IP_ADDRESS>10.10.30.159</IP_ADDRESS>
</HOST>
<TECHNOLOGY>
<ID>11</ID>
<NAME><![CDATA[Red Hat Enterprise Linux 5.x]]></NAME>
</TECHNOLOGY>
<POLICY>
<ID>789422824</ID>
<NAME><![CDATA[RHEL 5.x]]></NAME>
</POLICY>
<CONTROL>
<CID>1073</CID>
<STATEMENT><![CDATA[Status of the 'Maximum Password Age'
setting
(expiration) / Accounts having the 'password never
expires'
flag set]]></STATEMENT>
<CRITICALITY>
<VALUE>5</VALUE>
<LABEL><![CDATA[URGENT]]></LABEL>
</CRITICALITY>
</CONTROL>
<ASSIGNEE><![CDATA[Scanner User]]></ASSIGNEE>
<STATUS>Rejected</STATUS>
<ACTIVE>1</ACTIVE>
<REOPEN_ON_EVIDENCE_CHANGE>0</REOPEN_ON_EVIDENCE_CHANGE>
<EXPIRATION_DATE>N/A</EXPIRATION_DATE>
<MODIFIED_DATE>2018-01-15T08:53:19Z</MODIFIED_DATE>
<HISTORY_LIST>
<HISTORY>
<USER><![CDATA[John (mnc_su)]]></USER>
<COMMENT><![CDATA[test]]></COMMENT>
<INSERTION_DATE>2018-01-05T06:48:13Z</INSERTION_DATE>
</HISTORY>
<HISTORY>
<USER><![CDATA[Bill (mnc_ru)]]></USER>
<COMMENT><![CDATA[test]]></COMMENT>
<INSERTION_DATE>2018-01-15T08:48:38Z</INSERTION_DATE>
</HISTORY>
<HISTORY>
<USER><![CDATA[Mark (mnc_au)]]></USER>
<COMMENT><![CDATA[test]]></COMMENT>
<INSERTION_DATE>2018-01-15T08:53:19Z</INSERTION_DATE>
</HISTORY>
</HISTORY_LIST>
</EXCEPTION>
...API Request
curl -s -k -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl demo 2" -D headers.15 "https://<qualys_base_url>/api/2.0/fo/compliance/posture/info/?action=list&policy_id=1174&status=Failed"XML Output
<?xml version="1.0" encoding="UTF-8" ?>
"https://<qualys_base_url>/api/2.0/fo/compliance/posture/info/posture_info_list_output.dtd">
...
<INFO>
<ID>1174</ID>
<HOST_ID>563352</HOST_ID>
<CONTROL_ID>1072</CONTROL_ID>
<TECHNOLOGY_ID>2</TECHNOLOGY_ID>
<INSTANCE></INSTANCE>
<STATUS>Failed</STATUS>
<POSTURE_MODIFIED_DATE>2015-09
-02T08:16:33Z</POSTURE_MODIFIED_DATE>
</INFO>
...<platform API server>/api/2.0/fo/compliance/exception/exception_list_output.dtd