Launch VM Scan on EC2 Assets
Click to view navigation pane

Launch VM Scan on EC2 Assets

POST/api/2.0/fo/scan/?action=launch

This API is used to launch VM scans on your Amazon EC2 assets (in your Amazon Web Services account).

A few things to consider...
- EC2 Scanning must be enabled for your Qualys account.
- Managers and Unit Managers can launch EC2 scans.
- Before scanning you’ll need to complete some set up steps. See Securing Amazon Web Services with Qualys

Input ParametersInput Parameters

Click here to view all parameters for launching VM EC2 scans.

Sample - Launch EC2 Vulnerability ScanSample - Launch EC2 Vulnerability Scan

Launch an EC2 vulnerability scan using the AWS EC2 Connector

API Request

curl -u "username:password" -H "X-Requested-With:curl demo" -d "action=launch&scan_title=MyEC2+Scan&connector_name=EC2_Connector&ec2_endpoint=us-east-1&target_from=tags&use_ip_nt_range_tags=0 &tag_include_selector=any&tag_set_by=id&tag_set_include=1558997,1559222&option_id=43165&iscanner_name=EC2-1" "https://<qualys_base_url>/api/2.0/fo/scan/"

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-02-25T21:32:40Z</DATETIME>
    <TEXT>New vm scan launched</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>ID</KEY>
        <VALUE>136992</VALUE>
      </ITEM>
      <ITEM>
        <KEY>REFERENCE</KEY>
        <VALUE>scan/1358285558.36992</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

Sample - Launch EC2 Vulnerability Scan for EC2 InstanceSample - Launch EC2 Vulnerability Scan for EC2 Instance

Launch a VM scan on EC2 instances using the parameter ec2_instance_ids.
This sample is for a vulnerability scan with a mix of valid and invalid instance IDs. The scan is launched on the valid instance IDs and the invalid instance IDs are listed in the output with the reasons they were considered invalid. Some did not belong to the EC2 environment and some were not activated for VM.

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With:curl" -d "action=launch&scan_title=Sample2&connector_name=EC2 Connector&ec2_endpoint=us-east-1&option_title=Initial Options&iscanner_name=EC2_Scanner&ec2_instance_ids=i01f234ce567ae890f,i0be12cb3da4567e8a,i-0d1f23d4ba5c67e8b,i-0123e456f7890f123,i012f3ceb4a5d6789d,i-0c123e4f567890123,i-012345a67bba89012,i01ba23a45cba678af,i-012345678dfc90efe,i-0ab12e3456baadeb7" "https://<qualys_base_url>/api/2.0/fo/scan/"

XML Output

<!DOCTYPE SIMPLE_RETURN SYSTEM
"https://<qualys_base_url>/api/2.0/fo/scan/dtd/launch_output.dt
d">
<SIMPLE_RETURN>
    <RESPONSE>
    <DATETIME>2021-11-19T09:13:21Z</DATETIME>
    <TEXT>New vm scan launched</TEXT>
    <NOTIFICATION>The following instances were skipped because they do 
    not belong to the selected EC2 environment: i-012f3ceb4a5d6789d,i-0c123e4f567890123, i-012345a67bba89012. The following instances 
    were skipped because they are not activated for VM: i-01ba23a45cba678af, i-012345678dfc90efe, i-0ab12e3456baadeb7.</NOTIFICATION>
    <ITEM_LIST>
    <ITEM>
    <KEY>ID</KEY>
    <VALUE>1140800</VALUE>
    </ITEM>
    <ITEM>
    <KEY>REFERENCE</KEY>
    <VALUE>scan/1637313199.40800</VALUE>
    </ITEM>
    </ITEM_LIST>
    </RESPONSE>
    </SIMPLE_RETURN>

DTD

<platform API server>/api/2.0/simple_return.dtd