Scanner Details

The new Scanner Details API helps you identify the scanner used to scan a particular IP address at a given time. This is supported for vulnerability scans only. This new API is especially useful when you’re scanning a large number of IPs using a pool of scanners and you’re not sure which scanner was used to scan a particular host.

The XML output will show the IP address scanned with the scan reference number, scan date, the scanner identifier (external scanner or scanner appliance name), scanner type (extranet or appliance) and scanner software versions.

Input ParametersInput Parameters

Parameter	Required/Optional	Data Type	Description
action=list	Required	String	Specify action to list scanner details.
scan_date_since={value}	Required	Integer	Include scans started since a certain date. Specify the date in YYYY-MM-DD format. The date must be less than or equal to today’s date.
scan_date_to={value}	Optional	Integer	Include scans started up to a certain date. Specify the date in YYYY-MM-DD format. The date must be later than or equal to scan_date_since, and less than or equal to today’s date.
ips={value}	Required	Integer	The IP addresses you want scanner details for. You may enter a combination of IPs and ranges. Multiple entries are comma separated.
output_format=XML	Optional	File	The output format: XML (the default)

Sample - List Scanner Details for Certain IPsSample - List Scanner Details for Certain IPs

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With: Curl" -d"action=list&ips=10.10.10.2-10.10.10.7,10.10.10.10&scan_date_since=2018-05-24&scan_date_to=2018-09-28" "https://<qualys_base_url>/api/2.0/fo/scan/scanner/"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE IP_SCANNERS_LIST_OUTPUT SYSTEM "https://<qualys_base_url>/api/2.0/fo/scan/scanner/scanner_list_output.dtd">
<IP_SCANNERS_LIST_OUTPUT>
  <RESPONSE>
    <DATETIME>2018-11-08T21:49:51Z</DATETIME>
    <IP_SCANNERS_OUTPUT>
      <IP_SCANNED>
        <IP>10.10.10.7</IP>
        <SCAN_REF>scan/1527197914.13102</SCAN_REF>
        <SCAN_DATE>2018-05-24T21:39:08Z</SCAN_DATE>
        <SCANNER_IDENTIFIER>external scanner</SCANNER_IDENTIFIER>
        <SCANNER_TYPE>extranet</SCANNER_TYPE>
        <ML_VERSION>ML-9.7.20-1</ML_VERSION>
        <VULNSIGS_VERSION>VULNSIGS-2.4.182-2</VULNSIGS_VERSION>
      </IP_SCANNED>
      <IP_SCANNED>
        <IP>10.10.10.10</IP>
        <SCAN_REF>scan/1527197914.13102</SCAN_REF>
        <SCAN_DATE>2018-05-24T21:39:08Z</SCAN_DATE>
        <SCANNER_IDENTIFIER>external scanner</SCANNER_IDENTIFIER>
        <SCANNER_TYPE>extranet</SCANNER_TYPE>
        <ML_VERSION>ML-9.7.20-1</ML_VERSION>
        <VULNSIGS_VERSION>VULNSIGS-2.4.182-2</VULNSIGS_VERSION>
      </IP_SCANNED>
      <IP_SCANNED>
        <IP>10.10.10.7</IP>
        <SCAN_REF>scan/1538093810.64913</SCAN_REF>
        <SCAN_DATE>2018-09-28T00:19:25Z</SCAN_DATE>
        <SCANNER_IDENTIFIER>Esxi_4_Network</SCANNER_IDENTIFIER>
        <SCANNER_TYPE>appliance</SCANNER_TYPE>
        <ML_VERSION>ML-9.10.21-1</ML_VERSION>
        <VULNSIGS_VERSION>VULNSIGS-2.4.284-2</VULNSIGS_VERSION>
      </IP_SCANNED>
      <IP_SCANNED>
        <IP>10.10.10.10</IP>
        <SCAN_REF>scan/1538093810.64913</SCAN_REF>
        <SCAN_DATE>2018-09-28T00:19:25Z</SCAN_DATE>
        <SCANNER_IDENTIFIER>Esxi_4_Network</SCANNER_IDENTIFIER>
        <SCANNER_TYPE>appliance</SCANNER_TYPE>
        <ML_VERSION>ML-9.10.21-1</ML_VERSION>
        <VULNSIGS_VERSION>VULNSIGS-2.4.284-2</VULNSIGS_VERSION>
      </IP_SCANNED>
    </IP_SCANNERS_OUTPUT>
  </RESPONSE>
</IP_SCANNERS_LIST_OUTPUT>

Scanner Details

Input ParametersInput Parameters

Sample - List Scanner Details for Certain IPsSample - List Scanner Details for Certain IPs

DTD