Configure Report Templates

You can check out our templates library where we publish templates commonly requested by our customers. Just go to Reports > Template > Import from Library and download as many as you'd like. You can configure these templates to suit your reporting goals.

Go to Reports > Templates > New and configure the report template settings.

We recommend Host Based Findings since it encompasses the latest vulnerability data from all of your scans. Each time you create a report, we'll automatically collect vulnerability data that we've indexed per host in your account - we refer to this as host based findings. This option gives you the most comprehensive and up to date picture of your vulnerability status.

Note:

• When you generate a Host-based scan report for Asset Groups with "ALL" option, the report shows only those assets that are added to VM. If you want to view the assets that are not in VM, add the asset tags associated with the assets to the Asset Tags filter using the Add Tag option when you generate the report. For example, in the report, to view agent-tracked assets that are not in VM, add the agent tag for these assets to the Asset Tags filter using the Add Tag option.

• While configuring a host-based report template based on asset group with its associated asset tags, if you choose to exclude certain asset tags from the report, any host assets that are a part of both the included and excluded asset tags do not get reported in the host based report. The report displays only the host asset details in the report. 

  Example:

  Host A is part of Asset Group – AG1. Host A is also part of Asset Tags (associated with asset group AG1) - AT1, AT2, AT3. You generate host based scan based on the following settings in the report template:

  • Asset Groups: AG1.

  • Include hosts that have any of the tag: AT1.

  • Do not include hosts that have tags: AT2.

  In this case, the host based report displays the host A asset details only. It shows only the asset details for Host A because Host A belongs to Asset Group – AG1. However, the report omits the associated tags details because Host A is linked to tags, include tag- AT1, and exclude tag AT2. Therefore, the Qualys system invalidates the tags associated with Host A and does not display any asset tag information.

You can create reports with trending information when you've selected Host Based Findings. If you use the default we'll include vulnerability information for the last 2 detections. In other words we'll analyze the last two detections for each vulnerability on each host and compare the current vulnerability status (New, Fixed, Re-Opened, Active) to the last known vulnerability status.

Do you want to analyze trends for a timeframe instead?

Only include scan results from the specified timeframe

Select Scan Based Findings to run a report based on saved scan results. This gives you a view of your risk at a particular moment in time (at the time of the scan). Each time you create a report with this setting, you must manually select saved scan results to include in the report. Vulnerability data and hosts included in your report are specific to the scans that you choose at run time.

On the Display tab, select how much information to include in the report, in both the summary and detailed results sections. You can choose to include report graphics, add custom text to the report footer, determine how the detailed results should be sorted and how much detail to include for each vulnerability.

> What is the text summary?

> Tell me about the vulnerability details

> Tell me about TruRisk details (ARS, ACS, QDS)

> Tell me about the custom footer

> Display information for cloud instances

> Display Qualys system IDs

> Tell me about MITRE ATT&CK (MITRE ATT&CK Tactic & Technique Details)  

On the Filter tab, choose from various options to filter the hosts and/or the vulnerabilities included in your report. See Reporting - The Basics to learn more or turn on help tips.

It's possible to flag specific services and ports as either "required" or "unauthorized". When these are marked as "required" or "unauthorized" and they are not detected, they will appear as vulnerabilities in the report by these QIDs:

- 38175 (Unauthorized Service Detected)
- 82043 (Unauthorized Open Port Detected)
- 38228 (Required Service Not Detected)
- 82051 (Required Port Not Detected)

Tip - Want your report to include certain QIDs? Select Custom for Selective Vulnerability Scanning in the Filters section of your report template and be sure to add these QIDs (in search lists).

Managers and Unit Managers can select this option to make the template globally available to all users. Once published as a global template, users have the option to save personal copies of the template and can use them as the basis for creating new, custom templates.

Permissions: When is option is selected by a Unit Manager, the template is available to users in their own business unit.

We'll create a new report using the report template you've configured. Go to Reports > Templates, select your template in the list, and then select Run from the menu. You can also go to Reports > Reports > New. Learn more

Schedule your report to run automatically - daily, weekly, monthly - and you'll get the most up to date vulnerability data with the most accurate trends. Learn more