Create, update, list, and delete Apache Cassandra records for authenticated scans of Apache Cassandra instances. Compliance scans are supported (using PC).
Both basic and vault based authentication are supported. Vault based authentication is
supported for the following vaults:
• CyberArk AIM
• Thycotic Secret Server
• HashiCorp
• Azure Key
Input ParametersInput Parameters
| Parameter | Required/Optional | Data Type | Description |
|---|---|---|---|
| action={action} | Required | String | Specify any one of the following: create, update, list ,delete. |
| title={value} | Required to create a record | String | A title for the record. Optional to update record. |
| ips={value} | Required Optional to update record |
Integer | IPs to be added to your Apache Cassandra record. You may enter a combination of IPs and IP ranges to identify compliance hosts. Multiple entries are comma separated. Overwrites (replaces) the IP list for the authentication record. The IPs you specify are added and any existing IPs are removed |
| username={value} | Optional | String | The username to be used for authentication to Apache Cassandra. |
| password={value} | Optional | String | The password to be used for authentication to Apache Cassandra. |
| login_type={basic|vault} | Required | Boolean | The login type is basic by default. You can choose vault (for vault based authentication). Set to vault if a third party vault is used to retrieve the password. For vault based authentication, vault parameters need to |
| vault_id={value} | Required if login_type=vault | Integer | The ID of the vault to be used to retrieve the password for login. |
| vault_type={value} | Required if login_type=vault | String | The third party vault to be used to retrieve the password for login. Certain vaults support this capability. View our latest Vault Support Matrix. |
| port={value} | Optional | Integer | The port number that the Apache Cassandra database instance is running on. |
| ssl_verify_with_host={0|1} | Optional | Boolean | SSL verification. Set to 1 if you want to verify the server’s certificate is valid and trusted. |
| require_cert={0|1} | Optional | Boolean | Set this to 1 when you want to authenticate the Apache Cassandra instance via certificate and private_key. Enabling this from API switch on the Require Certificate toggle on UI. |
| certificate={value} | Required if require_cert is set to 1. | String | Certificate content |
| private_key={value} | Required if require_cert is set to 1. | String | private_key details |
| hosts={value} | Required if ssl_verify=1 | String | A list of FQDNs for all host IP addresses on which a custom SSL certificate signed by a trusted root CA is installed. |
| confpath={value} | Optional | String | The full path to Apache Cassandra yaml/yuml file. |
| basepath={value} | Optional | String | The base path to Apache Cassandra installation. |
| cleartext={0|1} | Optional | Boolean | Set to 1 to send user credentials in clear text. |
| ids={value} | Required to update record | Integer | Apache Cassandra Record IDs to update. Specify record IDs and/or ID ranges (for example, 1359-1407). Multiple entries are comma separated. |
| passphrase={value} | Optional | String | Specify password passphrase. If a client certificate is required, the private key specifies the client certificate. If this key is protected by a passphrase, you can provide it via this parameter. |
| use_vault_passphrase={0|1} | Optional | Boolean | Set to 1 if you want to store passphrase to vault. Enabling this from API switches the Get passphrase from vault toggle to Yes on the UI. |
| pp_vault_type={value} | Required if use_vault_passphrase parameter is set to 1 | String | If the passphrase is stored in a vault, this parameter indicates its vault type. Enter the type of the vault that stores the passphrase. |
| pp_vault_record={value} | Required if use_vault_passphrase parameter is set to 1 | Integer | If the passphrase is stored in a vault, this parameter indicates its vault ID. Enter the ID of the vault that stores the passphrase. |
| pp_<vault_parameters>={value} | Optional | If use_vault_passphrase parameter is set to 1 then all vault parameter fields must be added with prefix 'pp_' For example, pp_vault_type,pp_vault_record. Vault specific parameters required depend on the vault type you've selected. See Vault Parameters. |
Sample Create RecordSample Create Record
API Request
curl-s -S -H 'X-Requested-With:curl demo2' -u "xx_xx:yyyy123#" -d
"action=create&title=apache_cassandra_API_create&login_type=basic&usernam
e=test&password=abc123&ips=1.1.1.6&port=12"
"https://<qualys_base_url>/api/2.0/fo/auth/cassandra/"
XML Output
"<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM
"https://<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
<RESPONSE>
<DATETIME>2024-04-18T10:02:08Z</DATETIME>
<BATCH_LIST>
<BATCH>
<TEXT>Successfully Created</TEXT>
<ID_SET>
<ID>4547904</ID>
</ID_SET>
</BATCH>
</BATCH_LIST>
</RESPONSE>
</BATCH_RETURN>
Sample Update RecordSample Update Record
API Request
curl-s -S -H 'X-Requested-With:curl demo2' -u "xx_xx:yyyy123#" -d
"action=update&title=apache_cassandra_API_update&login_type=basic&usernam
e=testupdate&ids=4547904"
"https://<qualys_base_url>/api/2.0/fo/auth/cassandra/"
XML Output
"<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM
"https://<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
<RESPONSE>
<DATETIME>2024-04-18T10:06:56Z</DATETIME>
<BATCH_LIST>
<BATCH>
<TEXT>Successfully Updated</TEXT>
<ID_SET>
<ID>4547904</ID>
</ID_SET>
</BATCH>
</BATCH_LIST>
</RESPONSE>
</BATCH_RETURN>
Sample Delete RecordSample Delete Record
API Request
curl-s -S -H 'X-Requested-With:curl demo2' -u "xx_xx:yyyy123#" -d
"action=delete&ids=4545330"
"https://<qualys_base_url>/api/2.0/fo/auth/cassandra/"
XML Output
"<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM
"https://<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
<RESPONSE>
<DATETIME>2024-04-18T10:37:21Z</DATETIME>
<BATCH_LIST>
<BATCH>
<TEXT>Successfully Deleted</TEXT>
<ID_SET>
<ID>4545330</ID>
</ID_SET>
</BATCH>
</BATCH_LIST>
</RESPONSE>
</BATCH_RETURN>
API Request
curl-s -S -H 'X-Requested-With:curl demo2' -u "xx_xx:yyyy123#" -d
"action=list&ids=4547904"
"https://<qualys_base_url>/api/2.0/fo/auth/cassandra/"
XML Output
"<?xml version=""1.0"" encoding=""UTF-8"" ?>
<!DOCTYPE AUTH_CASSANDRA_LIST_OUTPUT SYSTEM ""https://<qualys_base_url>/api/2.0/fo/auth/cassandra/auth_cassandra_list_output.dtd"">
<AUTH_CASSANDRA_LIST_OUTPUT>
<RESPONSE>
<DATETIME>2024-04-18T10:22:00Z</DATETIME>
<AUTH_CASSANDRA_LIST>
<AUTH_CASSANDRA>
<ID>4547904</ID>
<TITLE><![CDATA[apache_cassandra_API_update]]></TITLE>
<USERNAME><![CDATA[testupdate]]></USERNAME>
<SSL_VERIFY><![CDATA[0]]></SSL_VERIFY>
<IP_SET>
<IP>1.1.1.6</IP>
</IP_SET>
<REQUIRE_CERT><![CDATA[0]]></REQUIRE_CERT>
<PORT><![CDATA[12]]></PORT>
<SSL_VERIFY_WITH_HOST><![CDATA[0]]></SSL_VERIFY_WITH_HOST>
<CLEARTEXT><![CDATA[0]]></CLEARTEXT>
<USE_VAULT_PASSPHRASE><![CDATA[0]]></USE_VAULT_PASSPHRASE>
<LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE>
<CREATED>
<DATETIME>2024-04-18T10:02:08Z</DATETIME>
<BY>vsh_sm</BY>
</CREATED>
<LAST_MODIFIED>
<DATETIME>2024-04-18T10:09:27Z</DATETIME>
</LAST_MODIFIED>
</AUTH_CASSANDRA>
</AUTH_CASSANDRA_LIST>
</RESPONSE>
</AUTH_CASSANDRA_LIST_OUTPUT>
Type your dropdown text here
Qualys API Server URL/api/2.0/fo/auth/cassandra/auth_cassandra_list