MariaDB Record

action={action}

Specify create, update, delete (using POST) or list (using GET or POST). See List Auth Records for type

echo_request={0|1}

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.

ids={value}

Record IDs to update/delete. Specify record IDs and/or ID ranges (for example, 1359-1407). Multiple entries are comma separated.

title={value}

A title for the record. The title must be unique. Maximum 255 characters (ascii).

comments={value}

User defined comments. Maximum of 1999 characters.

MariaDB

ssl_verify={0|1}

Specify 1 for a complete SSL certificate validation.

- If unspecified (or ssl_verify=0), Qualys scanners authenticate with MySQL Servers that don’t use SSL or MariaDB servers that use SSL. However, in the SSL case, the server SSL certificate verification will be skipped.

- If ssl_verify=1, the Qualys scanners will only send a login request after verifying that a connection the MariaDB server uses SSL, the server SSL certificate is valid and matches the scanned host.

hosts={value}

A list of FQDNs for the hosts that correspond to all host IP addresses on which a custom SSL certificate signed by a trusted root CA is installed. Multiple hosts are comma separated.

database={value}

The database name to authenticate. Specify a valid MariaDB database name.

port={value}

The port the database name is running on. The default is 3306.

windows_config_file=
{value}

The path to the Windows mariadb config file. Access to this config file is required to run certain checks on Windows hosts.

Note: You must include one or both of these parameters in a create request: windows_config_file and unix_config_file.

unix_config_file=
{value}

The path to the Unix mariadb config file. Access to this config file is required to run certain checks on Unix hosts.

Note: You must include one or both of these parameters in a create request: windows_config_file and unix_config_file.

client_cert={value}

PEM-encoded X.509 certificate. Specify if certificate authentication is required by your server to establish an SSL connection.

client_key={value}

PEM-encoded RSA private key. Specify if certificate authentication is required by your server to establish an SSL connection.

Login credentials

login_type={basic|vault}

The login type is basic by default. You can choose vault (for vault based authentication).

username={value}

The username to be used for authentication to MariaDB server.

password={value}

The password to be used for authentication to MariaDB server.

Vault

vault_type={value}

The vault type to be used for authentication.

vault_id={value}

The vault ID where you want to retrieve the private key from. Certain vaults support this capability.

{vault parameters}

Vault specific parameters required depend on the vault type you’ve selected. See Vault Parameters

Target Hosts

ips={value}

The IP address(es) the server will log into using the record’s credentials. Multiple entries are comma separated.

(Optional to update record) IPs specified will overwrite existing IPs in the record, and existing IPs will be removed.

add_ips={value}

IPs to be added to an existing record. You may enter a combination of IPs and IP ranges. Multiple entries are comma separated.

remove_ips={value}

IPs to be removed from your record. You may enter a combination of IPs and ranges. Multiple entries are comma separated.

network_id={value}

The network ID for the record.