Qualys VM, PC APIs
Click to view navigation pane


Option Profile Import

For API version information, refer to the API Version History section.

V2.0 | V3.0 | V4.0 | V5.0 | V6.0 |

V2.0

POST/api/2.0/fo/subscription/option_profile/?action=import

Import all option profiles defined in input XML file to the user's account. Manager role is required.

When calling the Import Option Profile API the user needs to pass the proper XML with Content-Type XML. This will create option profiles in that user’s subscription. All validations are applied as in the Qualys portal UI while creating option profiles using the API.

Validations and Constraints:

1) The Option Profile DTD file is used to validate a generated/exported Option Profile XML file.

2) An XSD file is used to validate a proper format and required elements of the option profile XML file when importing this file.

3) While importing, any Search Lists defined for Vulnerability Detection, Custom and/or Excluded Lists, must be created in the user’s subscription before making an Import Option Profile call. At import time we try to match the Search List “title” to a search list title in the user’s subscription. If a match is found the search list is used, otherwise “Complete” Vulnerability Detection is assigned.

4) Password Brute Force Lists are not imported and will always be empty assigned, regardless of Option Profile XML content.

5) Policies defined for the PC Scan Restriction feature are not imported and will be empty assigned, regardless of Option Profile XML content.

Input ParametersInput Parameters

Parameter

Required/Optional

Data Type

Description

action=import

Required

 String 

Specify action to import option profile.

echo_request={0|1}

Optional

 Integer 

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.
scan_disconnected_esxi Optional Boolean Launch the authenticated scan on ESXi hosts without creating VMware authorization records and VMware, vCenter mapping.
1 - If set to 1, the Disconnected ESXi checkbox is selected.
0 - If set to 0, the Disconnected ESXi checkbox is not selected

Sample - Import Option ProfileSample - Import Option Profile

API Request

curl --location "<qualys_base_url>/api/2.0/fo/subscription/option_profile/?action=import" 
\--header "X-Requested-With: curl demo2"
\--header "Accept: */*"
\--header "Content-Type: text/xml" 
\--header "Authorization: Basic encoded username:password string" 
\--data "

Request POST Data

<!DOCTYPE OPTION_PROFILES SYSTEM "<qualys_base_url>/api/2.0/fo/subscription/option_profile/option_profile_info.dtd">
    <OPTION_PROFILES>
      <OPTION_PROFILE>
        <BASIC_INFO>
          <ID>1599154</ID>
          <GROUP_NAME><![CDATA[API_IMPORT_OP_1647433780]]></GROUP_NAME>
          <GROUP_TYPE>user</GROUP_TYPE>
          <USER_ID><![CDATA[Network Disabled (pv_nd)]]></USER_ID>
          <UNIT_ID>0</UNIT_ID>
          <SUBSCRIPTION_ID>915185</SUBSCRIPTION_ID>
          <IS_DEFAULT>0</IS_DEFAULT>
          <IS_GLOBAL>0</IS_GLOBAL>
          <IS_OFFLINE_SYNCABLE>0</IS_OFFLINE_SYNCABLE>
          <UPDATE_DATE>2019-03-19T09:13:26Z</UPDATE_DATE>
        </BASIC_INFO>
        <SCAN>
          <PORTS>
            <TCP_PORTS>
              <TCP_PORTS_TYPE>standard</TCP_PORTS_TYPE>
              <THREE_WAY_HANDSHAKE>0</THREE_WAY_HANDSHAKE>
            </TCP_PORTS>
            <UDP_PORTS>
              <UDP_PORTS_TYPE>standard</UDP_PORTS_TYPE>
            </UDP_PORTS>
            <AUTHORITATIVE_OPTION>0</AUTHORITATIVE_OPTION>
          </PORTS>
          <SCAN_DEAD_HOSTS>0</SCAN_DEAD_HOSTS>
          <PERFORMANCE>
            <PARALLEL_SCALING>0</PARALLEL_SCALING>
            <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
            <HOSTS_TO_SCAN>
              <EXTERNAL_SCANNERS>15</EXTERNAL_SCANNERS>
              <SCANNER_APPLIANCES>30</SCANNER_APPLIANCES>
            </HOSTS_TO_SCAN>
            <PROCESSES_TO_RUN>
              <TOTAL_PROCESSES>10</TOTAL_PROCESSES>
              <HTTP_PROCESSES>10</HTTP_PROCESSES>
            </PROCESSES_TO_RUN>
            <PACKET_DELAY>Medium</PACKET_DELAY>
            <PORT_SCANNING_AND_HOST_DISCOVERY>Normal</PORT_SCANNING_AND_HOST_DISCOVERY>
          </PERFORMANCE>
          <LOAD_BALANCER_DETECTION>0</LOAD_BALANCER_DETECTION>
          <VULNERABILITY_DETECTION>
            <COMPLETE><![CDATA[complete]]></COMPLETE>
            <DETECTION_INCLUDE>
              <BASIC_HOST_INFO_CHECKS>0</BASIC_HOST_INFO_CHECKS>
              <OVAL_CHECKS>0</OVAL_CHECKS>
            </DETECTION_INCLUDE>
          </VULNERABILITY_DETECTION>
          <AUTHENTICATION><![CDATA[Windows,Unix,Oracle,Oracle Listener,SNMP,VMware,DB2,HTTP,MySQL,MongoDB,Tomcat Server,Oracle Weblogic Server,Palo Alto Networks Firewall,Jboss Server]]></AUTHENTICATION>
          <ADDL_CERT_DETECTION>0</ADDL_CERT_DETECTION>
          <TEST_AUTHENTICATION>1</TEST_AUTHENTICATION>
       <PERFORM_PARTIAL_SSL_TLS_AUDITING>1</PERFORM_PARTIAL_SSL_TLS_AUDITING>
        </SCAN>
        <MAP>
          <BASIC_INFO_GATHERING_ON>all</BASIC_INFO_GATHERING_ON>
          <TCP_PORTS>
            <TCP_PORTS_STANDARD_SCAN>1</TCP_PORTS_STANDARD_SCAN>
          </TCP_PORTS>
          <MAP_OPTIONS>
            <PERFORM_LIVE_HOST_SWEEP>1</PERFORM_LIVE_HOST_SWEEP>
            <DISABLE_DNS_TRAFFIC>0</DISABLE_DNS_TRAFFIC>
          </MAP_OPTIONS>
          <MAP_PERFORMANCE>
            <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
            <MAP_PARALLEL>
              <EXTERNAL_SCANNERS>6</EXTERNAL_SCANNERS>
              <SCANNER_APPLIANCES>8</SCANNER_APPLIANCES>
              <NETBLOCK_SIZE>16384 IPs</NETBLOCK_SIZE>
            </MAP_PARALLEL>
            <PACKET_DELAY>Minimum</PACKET_DELAY>
          </MAP_PERFORMANCE>
          <MAP_AUTHENTICATION>none</MAP_AUTHENTICATION>
        </MAP>
        <ADDITIONAL>
          <HOST_DISCOVERY>
            <TCP_PORTS>
              <STANDARD_SCAN>1</STANDARD_SCAN>
            </TCP_PORTS>
            <UDP_PORTS>
              <STANDARD_SCAN>1</STANDARD_SCAN>
            </UDP_PORTS>
            <ICMP>1</ICMP>
          </HOST_DISCOVERY>
          <PACKET_OPTIONS>
     <IGNORE_FIREWALL_GENERATED_TCP_RST>0</IGNORE_FIREWALL_GENERATED_TCP_RST>
            <IGNORE_ALL_TCP_RST>0</IGNORE_ALL_TCP_RST> <IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>0</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK> <NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>0</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
          </PACKET_OPTIONS>
        </ADDITIONAL>
      </OPTION_PROFILE>
    </OPTION_PROFILES>

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
    <RESPONSE>
        <DATETIME>2023-08-31T10:08:47Z</DATETIME>
        <TEXT>Successfully imported Option profile for the subscription Id 590924</TEXT>
        <ITEM_LIST>
            <ITEM>
                <KEY>2445059</KEY>
                <VALUE>API_IMPORT_OP_1647433780</VALUE>
            </ITEM>
        </ITEM_LIST>
    </RESPONSE>
</SIMPLE_RETURN>

Sample - Import Option ProfileSample - Import Option Profile

where the file “Export_OP.xml” contains the request POST data

API Request

curl -u "USERNAME:PASSWORD" -H "X-Requested-With:curl" -H "content-type: text/xml" -X POST --data-binary @Export_OP.xml "https://<qualys_base_url>/api/2.0/fo/subscription/option_profile/?action=import"

Request POST Data

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE OPTION_PROFILES SYSTEM "https://<qualys_base_url>/api/2.0/fo/subscription/option_profile/option_profile_info.dtd">
<OPTION_PROFILES>
  <OPTION_PROFILE>
    <BASIC_INFO>
      <ID>11123</ID>
      <GROUP_NAME><![CDATA[OP-SCAN]]></GROUP_NAME>
      <GROUP_TYPE>user</GROUP_TYPE>
      <USER_ID><![CDATA[John Doe (john_doe)]]></USER_ID>
      <UNIT_ID>0</UNIT_ID>
      <SUBSCRIPTION_ID>76084</SUBSCRIPTION_ID>
      <IS_DEFAULT>0</IS_DEFAULT>
      <IS_GLOBAL>1</IS_GLOBAL>
      <IS_OFFLINE_SYNCABLE>0</IS_OFFLINE_SYNCABLE>
      <UPDATE_DATE>N/A</UPDATE_DATE>
    </BASIC_INFO>
    <SCAN>
      <PORTS>
        <TCP_PORTS>
          <TCP_PORTS_TYPE>full</TCP_PORTS_TYPE>
          <THREE_WAY_HANDSHAKE>1</THREE_WAY_HANDSHAKE>
        </TCP_PORTS>
        <UDP_PORTS>
          <UDP_PORTS_TYPE>none</UDP_PORTS_TYPE>
          <UDP_PORTS_ADDITIONAL>
            <HAS_ADDITIONAL>1</HAS_ADDITIONAL>
            <ADDITIONAL_PORTS>1-1024,8080,8181</ADDITIONAL_PORTS>
          </UDP_PORTS_ADDITIONAL>
        </UDP_PORTS>
        <AUTHORITATIVE_OPTION>1</AUTHORITATIVE_OPTION>
      </PORTS>
      <SCAN_DEAD_HOSTS>1</SCAN_DEAD_HOSTS>
      <CLOSE_VULNERABILITIES>
        <HAS_CLOSE_VULNERABILITIES>1</HAS_CLOSE_VULNERABILITIES>
        <HOST_NOT_FOUND_ALIVE>7</HOST_NOT_FOUND_ALIVE>
      </CLOSE_VULNERABILITIES>
      <PURGE_OLD_HOST_OS_CHANGED>1</PURGE_OLD_HOST_OS_CHANGED>
      <PERFORMANCE>
        <PARALLEL_SCALING>1</PARALLEL_SCALING>
        <OVERALL_PERFORMANCE>Custom</OVERALL_PERFORMANCE>
        <HOSTS_TO_SCAN>
          <EXTERNAL_SCANNERS>30</EXTERNAL_SCANNERS>
          <SCANNER_APPLIANCES>48</SCANNER_APPLIANCES>
        </HOSTS_TO_SCAN>
        <PROCESSES_TO_RUN>
          <TOTAL_PROCESSES>18</TOTAL_PROCESSES>
          <HTTP_PROCESSES>18</HTTP_PROCESSES>
        </PROCESSES_TO_RUN>
        <PACKET_DELAY>Maximum</PACKET_DELAY>
<PORT_SCANNING_AND_HOST_DISCOVERY>Minimum</PORT_SCANNING_AND_HOST_DISCOVERY>
      </PERFORMANCE>
      <LOAD_BALANCER_DETECTION>1</LOAD_BALANCER_DETECTION>
      <PASSWORD_BRUTE_FORCING>
        <SYSTEM>
          <HAS_SYSTEM>1</HAS_SYSTEM>
          <SYSTEM_LEVEL>Standard</SYSTEM_LEVEL>
        </SYSTEM>
        <CUSTOM_LIST>
          <CUSTOM>
            <ID>3001</ID>
            <TITLE><![CDATA[123]]></TITLE>
            <TYPE>FTP</TYPE>
<LOGIN_PASSWORD><![CDATA[L:temp,P:123123123]]></LOGIN_PASSWORD>
          </CUSTOM>
        </CUSTOM_LIST>
      </PASSWORD_BRUTE_FORCING>
      <VULNERABILITY_DETECTION>
        <CUSTOM_LIST>
          <CUSTOM>
            <ID>2094</ID>
            <TITLE><![CDATA[Option Profile: Qualys Top 20 Options]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>2095</ID>
            <TITLE><![CDATA[Option Profile: 2008 SANS20 Options]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>2096</ID>
            <TITLE><![CDATA[Scan Report Template: High Severity Report]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>5230</ID>
            <TITLE><![CDATA[118960]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>87936</ID>
            <TITLE><![CDATA[Bash Shellshock Detection]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>87937</ID>
            <TITLE><![CDATA[Heartbleed Detection]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>87938</ID>
            <TITLE><![CDATA[Windows Authentication Results v.1]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>87939</ID>
            <TITLE><![CDATA[Unix Authentication Results v.1]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>87940</ID>
            <TITLE><![CDATA[Inventory Results v.1]]></TITLE>
          </CUSTOM>
          <CUSTOM>
            <ID>87941</ID>
            <TITLE><![CDATA[SSL Certificates]]></TITLE>
          </CUSTOM>
        </CUSTOM_LIST>
        <DETECTION_INCLUDE>
          <BASIC_HOST_INFO_CHECKS>1</BASIC_HOST_INFO_CHECKS>
          <OVAL_CHECKS>1</OVAL_CHECKS>
        </DETECTION_INCLUDE>
        <DETECTION_EXCLUDE>
          <CUSTOM_LIST>
            <CUSTOM>
              <ID>2099</ID>
              <TITLE><![CDATA[DL]]></TITLE>
            </CUSTOM>
          </CUSTOM_LIST>
        </DETECTION_EXCLUDE>
      </VULNERABILITY_DETECTION>
      <AUTHENTICATION><![CDATA[Windows,Unix,Oracle,Oracle Listener,SNMP,VMware,DB2,HTTP,MySQL]]></AUTHENTICATION>
      <AUTHENTICATION_LEAST_PRIVILEGE><![CDATA[Unix]]></AUTHENTICATION_LEAST_PRIVILEGE>
      <ADDL_CERT_DETECTION>1</ADDL_CERT_DETECTION>
      <DISSOLVABLE_AGENT>
        <DISSOLVABLE_AGENT_ENABLE>1</DISSOLVABLE_AGENT_ENABLE>
<WINDOWS_SHARE_ENUMERATION_ENABLE>1</WINDOWS_SHARE_ENUMERATION_ENABLE>
      </DISSOLVABLE_AGENT>
      <LITE_OS_SCAN>1</LITE_OS_SCAN>
      <CUSTOM_HTTP_HEADER>
        <VALUE>AFCD</VALUE>
      </CUSTOM_HTTP_HEADER>
      <FILE_INTEGRITY_MONITORING>
       <AUTO_UPDATE_EXPECTED_VALUE>1</AUTO_UPDATE_EXPECTED_VALUE>
      </FILE_INTEGRITY_MONITORING>
      <DO_NOT_OVERWRITE_OS>1</DO_NOT_OVERWRITE_OS>
      <SYSTEM_AUTH_RECORD>
          <INCLUDE_SYSTEM_AUTH>
              <ON_DUPLICATE_USE_SYSTEM_AUTH>1</ON_DUPLICATE_USE_SYSTEM_AUTH>
          </INCLUDE_SYSTEM_AUTH>
      </SYSTEM_AUTH_RECORD>
    </SCAN>
    <MAP>
      <BASIC_INFO_GATHERING_ON>netblockonly</BASIC_INFO_GATHERING_ON>
      <TCP_PORTS>
        <TCP_PORTS_STANDARD_SCAN>1</TCP_PORTS_STANDARD_SCAN>
        <TCP_PORTS_ADDITIONAL>
          <HAS_ADDITIONAL>1</HAS_ADDITIONAL>
          <ADDITIONAL_PORTS>1,2,3,80</ADDITIONAL_PORTS>
        </TCP_PORTS_ADDITIONAL>
      </TCP_PORTS>
      <UDP_PORTS>
        <UDP_PORTS_STANDARD_SCAN>1</UDP_PORTS_STANDARD_SCAN>
        <UDP_PORTS_ADDITIONAL>
          <HAS_ADDITIONAL>1</HAS_ADDITIONAL>
          <ADDITIONAL_PORTS>4,5,6,8181</ADDITIONAL_PORTS>
        </UDP_PORTS_ADDITIONAL>
      </UDP_PORTS>
      <MAP_OPTIONS>
        <PERFORM_LIVE_HOST_SWEEP>1</PERFORM_LIVE_HOST_SWEEP>
        <DISABLE_DNS_TRAFFIC>1</DISABLE_DNS_TRAFFIC>
      </MAP_OPTIONS>
      <MAP_PERFORMANCE>
        <OVERALL_PERFORMANCE>Custom</OVERALL_PERFORMANCE>
        <MAP_PARALLEL>
          <EXTERNAL_SCANNERS>16</EXTERNAL_SCANNERS>
          <SCANNER_APPLIANCES>14</SCANNER_APPLIANCES>
          <NETBLOCK_SIZE>64</NETBLOCK_SIZE>
        </MAP_PARALLEL>
        <PACKET_DELAY>Medium</PACKET_DELAY>
      </MAP_PERFORMANCE>
      <MAP_AUTHENTICATION>VMware</MAP_AUTHENTICATION>
    </MAP>
    <ADDITIONAL>
      <HOST_DISCOVERY>
        <TCP_PORTS>
          <STANDARD_SCAN>1</STANDARD_SCAN>
          <TCP_ADDITIONAL>
            <HAS_ADDITIONAL>1</HAS_ADDITIONAL>
            <ADDITIONAL_PORTS>1-6,1024</ADDITIONAL_PORTS>
          </TCP_ADDITIONAL>
        </TCP_PORTS>
        <UDP_PORTS>
          <STANDARD_SCAN>1</STANDARD_SCAN>
        </UDP_PORTS>
        <ICMP>1</ICMP>
      </HOST_DISCOVERY>
      <BLOCK_RESOURCES>
<WATCHGUARD_DEFAULT_BLOCKED_PORTS>1</WATCHGUARD_DEFAULT_BLOCKED_PORTS>
        <ALL_REGISTERED_IPS>1</ALL_REGISTERED_IPS>
      </BLOCK_RESOURCES>
      <PACKET_OPTIONS>
<IGNORE_FIREWALL_GENERATED_TCP_RST>1</IGNORE_FIREWALL_GENERATED_TCP_RST>
        <IGNORE_ALL_TCP_RST>1</IGNORE_ALL_TCP_RST>
<IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>1</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>
<NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>1</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
      </PACKET_OPTIONS>
    </ADDITIONAL>
  </OPTION_PROFILE>
</OPTION_PROFILES>

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
 <RESPONSE>
   <DATETIME>2017-04-03T11:17:43Z</DATETIME>
   <TEXT>Successfully imported Option profile for the subscription Id 76084</TEXT>
   <ITEM_LIST>
     <ITEM>
       <KEY>111234</KEY>
       <VALUE>PCI-John</VALUE>
     </ITEM>
   </ITEM_LIST>
 </RESPONSE>
</SIMPLE_RETURN>

Sample - Import Option ProfileSample - Import Option Profile

API Request

curl --location 'https://<qualys_base_url>/api/2.0/fo/subscription/option_profile/?action=import' \
--header 'X-Requested-With: curl' \
--header 'Content-Type: application/xml' \
--header 'Authorization: Basic encoded username:password string ' \
--data '

Request POST Data

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE OPTION_PROFILES SYSTEM "https://<qualys_base_url>/api/2.0/fo/subscription/option_profile/option_profile_info.dtd">
<OPTION_PROFILES>
    <OPTION_PROFILE>
        <BASIC_INFO>
            <ID>26210000</ID>
            <GROUP_NAME>
                <![CDATA[OP import API]]>
            </GROUP_NAME>
            <GROUP_TYPE>user</GROUP_TYPE>
            <USER_ID>
                <![CDATA[John Doe (john_doe)]]>
            </USER_ID>
            <UNIT_ID>0</UNIT_ID>
            <SUBSCRIPTION_ID>1309337</SUBSCRIPTION_ID>
            <IS_DEFAULT>0</IS_DEFAULT>
            <IS_GLOBAL>1</IS_GLOBAL>
            <IS_OFFLINE_SYNCABLE>0</IS_OFFLINE_SYNCABLE>
            <UPDATE_DATE>2024-09-02T10:25:44Z</UPDATE_DATE>
        </BASIC_INFO>
        <SCAN>
            <PORTS>
                <TCP_PORTS>
                    <TCP_PORTS_TYPE>full</TCP_PORTS_TYPE>
                    <THREE_WAY_HANDSHAKE>0</THREE_WAY_HANDSHAKE>
                </TCP_PORTS>
                <UDP_PORTS>
                    <UDP_PORTS_TYPE>full</UDP_PORTS_TYPE>
                </UDP_PORTS>
                <AUTHORITATIVE_OPTION>0</AUTHORITATIVE_OPTION>
            </PORTS>
            <SCAN_DEAD_HOSTS>0</SCAN_DEAD_HOSTS>
            <PURGE_OLD_HOST_OS_CHANGED>1</PURGE_OLD_HOST_OS_CHANGED>
            <PERFORMANCE>
                <PARALLEL_SCALING>1</PARALLEL_SCALING>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <HOSTS_TO_SCAN>
                    <EXTERNAL_SCANNERS>15</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>30</SCANNER_APPLIANCES>
                </HOSTS_TO_SCAN>
                <PROCESSES_TO_RUN>
                    <TOTAL_PROCESSES>10</TOTAL_PROCESSES>
                    <HTTP_PROCESSES>10</HTTP_PROCESSES>
                </PROCESSES_TO_RUN>
                <PACKET_DELAY>Medium</PACKET_DELAY>
                <PORT_SCANNING_AND_HOST_DISCOVERY>Normal</PORT_SCANNING_AND_HOST_DISCOVERY>
                <HOST_CGI_CHECKS>0</HOST_CGI_CHECKS>
                <MAX_TARGETS_PER_SLICE>0</MAX_TARGETS_PER_SLICE>
                <CONF_SCAN_LIMITED_CONNECTIVITY>0</CONF_SCAN_LIMITED_CONNECTIVITY>
                <SKIP_PRE_SCANNING>0</SKIP_PRE_SCANNING>
            </PERFORMANCE>
            <LOAD_BALANCER_DETECTION>0</LOAD_BALANCER_DETECTION>
            <VULNERABILITY_DETECTION>
                <CUSTOM_LIST>
                    <CUSTOM>
                        <ID>1616684</ID>
                        <TITLE>
                            <![CDATA[VM-22616 - Search Lists - CRM]]>
                        </TITLE>
                    </CUSTOM>
                </CUSTOM_LIST>
                <DETECTION_INCLUDE>
                    <BASIC_HOST_INFO_CHECKS>1</BASIC_HOST_INFO_CHECKS>
                    <OVAL_CHECKS>0</OVAL_CHECKS>
                    <QRDI_CHECKS>0</QRDI_CHECKS>
                </DETECTION_INCLUDE>
            </VULNERABILITY_DETECTION>
            <ADDL_CERT_DETECTION>0</ADDL_CERT_DETECTION>
            <DISSOLVABLE_AGENT>
                <DISSOLVABLE_AGENT_ENABLE>1</DISSOLVABLE_AGENT_ENABLE>
                <WINDOWS_SHARE_ENUMERATION_ENABLE>0</WINDOWS_SHARE_ENUMERATION_ENABLE>
            </DISSOLVABLE_AGENT>
        </SCAN>
        <MAP>
            <BASIC_INFO_GATHERING_ON>all</BASIC_INFO_GATHERING_ON>
            <TCP_PORTS>
                <TCP_PORTS_STANDARD_SCAN>1</TCP_PORTS_STANDARD_SCAN>
            </TCP_PORTS>
            <MAP_OPTIONS>
                <PERFORM_LIVE_HOST_SWEEP>1</PERFORM_LIVE_HOST_SWEEP>
                <DISABLE_DNS_TRAFFIC>0</DISABLE_DNS_TRAFFIC>
            </MAP_OPTIONS>
            <MAP_PERFORMANCE>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <MAP_PARALLEL>
                    <EXTERNAL_SCANNERS>6</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>8</SCANNER_APPLIANCES>
                    <NETBLOCK_SIZE>16384 IPs</NETBLOCK_SIZE>
                </MAP_PARALLEL>
                <PACKET_DELAY>Minimum</PACKET_DELAY>
            </MAP_PERFORMANCE>
            <MAP_AUTHENTICATION>none</MAP_AUTHENTICATION>
        </MAP>
        <ADDITIONAL>
            <HOST_DISCOVERY>
                <TCP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </TCP_PORTS>
                <UDP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </UDP_PORTS>
                <ICMP>0</ICMP>
            </HOST_DISCOVERY>
            <PACKET_OPTIONS>
                <IGNORE_FIREWALL_GENERATED_TCP_RST>1</IGNORE_FIREWALL_GENERATED_TCP_RST>
                <IGNORE_ALL_TCP_RST>0</IGNORE_ALL_TCP_RST>
                <IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>1</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>
                <NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>0</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
            </PACKET_OPTIONS>
        </ADDITIONAL>
    </OPTION_PROFILE>
</OPTION_PROFILES>'
                               
            
            
            
          
              
          
          
    
            
            
          
            
           
        

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "<qualys_base_url>/api/2.0/simple_return.dtd"> 
<SIMPLE_RETURN>
    <RESPONSE>
        <DATETIME>2024-08-12T11:27:42Z</DATETIME>
        <TEXT>Successfully imported Option profile for the subscription Id 75299</TEXT>
        <ITEM_LIST>
            <ITEM>
                <KEY>70018</KEY>
                <VALUE>
                 OptionProfile-Import6
                </VALUE>
            </ITEM>
        </ITEM_LIST>
    </RESPONSE>
</SIMPLE_RETURN>

DTD (Request POST Data)

<platform API server>/api/2.0/fo/subscription/option_profile/option_profile_info.dtd

DTD (XML Output)

<platform API server>/api/2.0/simple_return.dtd

V3.0

POST/api/3.0/fo/subscription/option_profile/?action=import

Import all option profiles defined in input XML file to the user's account. Manager role is required.

When calling the Import Option Profile API the user needs to pass the proper XML with Content-Type XML. This will create option profiles in that user’s subscription. All validations are applied as in the Qualys portal UI while creating option profiles using the API.

Validations and Constraints:

1) The Option Profile DTD file is used to validate a generated/exported Option Profile XML file.

2) An XSD file is used to validate a proper format and required elements of the option profile XML file when importing this file.

3) While importing, any Search Lists defined for Vulnerability Detection, Custom and/or Excluded Lists, must be created in the user’s subscription before making an Import Option Profile call. At import time we try to match the Search List “title” to a search list title in the user’s subscription. If a match is found the search list is used, otherwise “Complete” Vulnerability Detection is assigned.

4) Password Brute Force Lists are not imported and will always be empty assigned, regardless of Option Profile XML content.

5) Policies defined for the PC Scan Restriction feature are not imported and will be empty assigned, regardless of Option Profile XML content.

Input ParametersInput Parameters

Sample - Import Option ProfileSample - Import Option Profile

Sample - Import Option ProfileSample - Import Option Profile

where the file “Export_OP.xml” contains the request POST data

API Request

curl --location
"https://<qualys_base_url>/api/3.0/fo/subscription/option_profile/?action=import"
\
--header "X-Requested-With: postman" \
--header "Content-Type: application/xml" \
--header "Authorization: Basic YWdtc19uYjpRYXRlbXAxMjMj" \

Request POST Data

<OPTION_PROFILES>
    <OPTION_PROFILE>
        <BASIC_INFO>
            <ID>2639142</ID>
            <GROUP_NAME>
                <![CDATA[Option_profile_vCenter_scan_disconnected_esxi_mobimport]]>
            </GROUP_NAME>
            <GROUP_TYPE>user</GROUP_TYPE>
            <USER_ID>
                <![CDATA[John Manager (agms_jb)]]>
            </USER_ID>
            <UNIT_ID>0</UNIT_ID>
            <SUBSCRIPTION_ID>194334</SUBSCRIPTION_ID>
            <IS_DEFAULT>0</IS_DEFAULT>
            <IS_GLOBAL>0</IS_GLOBAL>
            <IS_OFFLINE_SYNCABLE>0</IS_OFFLINE_SYNCABLE>
            <UPDATE_DATE>2024-07-08T13:16:26Z</UPDATE_DATE>
        </BASIC_INFO>
        <SCAN>
            <PORTS>
                <TCP_PORTS>
                    <TCP_PORTS_TYPE>none</TCP_PORTS_TYPE>
                    <THREE_WAY_HANDSHAKE>0</THREE_WAY_HANDSHAKE>
                </TCP_PORTS>
                <UDP_PORTS>
                    <UDP_PORTS_TYPE>none</UDP_PORTS_TYPE>
                </UDP_PORTS>
                <AUTHORITATIVE_OPTION>0</AUTHORITATIVE_OPTION>
            </PORTS>
            <SCAN_DEAD_HOSTS>0</SCAN_DEAD_HOSTS>
            <PURGE_OLD_HOST_OS_CHANGED>0</PURGE_OLD_HOST_OS_CHANGED>
            <PERFORMANCE>
                <PARALLEL_SCALING>0</PARALLEL_SCALING>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <HOSTS_TO_SCAN>
                    <EXTERNAL_SCANNERS>15</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>30</SCANNER_APPLIANCES>
                </HOSTS_TO_SCAN>
                <PROCESSES_TO_RUN>
                    <TOTAL_PROCESSES>10</TOTAL_PROCESSES>
                    <HTTP_PROCESSES>10</HTTP_PROCESSES>
                </PROCESSES_TO_RUN>
                <PACKET_DELAY>Medium</PACKET_DELAY>
                <PORT_SCANNING_AND_HOST_DISCOVERY>Normal</PORT_SCANNING_AND_HOST_DISCOVERY>
            </PERFORMANCE>
            <LOAD_BALANCER_DETECTION>0</LOAD_BALANCER_DETECTION>
            <VULNERABILITY_DETECTION>
                <COMPLETE>
                    <![CDATA[complete]]>
                </COMPLETE>
                <DETECTION_INCLUDE>
                    <BASIC_HOST_INFO_CHECKS>0</BASIC_HOST_INFO_CHECKS>
                    <OVAL_CHECKS>0</OVAL_CHECKS>
                    <QRDI_CHECKS>0</QRDI_CHECKS>
                </DETECTION_INCLUDE>
            </VULNERABILITY_DETECTION>
            <ADDL_CERT_DETECTION>0</ADDL_CERT_DETECTION>
        </SCAN>
        <MAP>
            <BASIC_INFO_GATHERING_ON>none</BASIC_INFO_GATHERING_ON>
            <MAP_OPTIONS>
                <PERFORM_LIVE_HOST_SWEEP>0</PERFORM_LIVE_HOST_SWEEP>
                <DISABLE_DNS_TRAFFIC>0</DISABLE_DNS_TRAFFIC>
            </MAP_OPTIONS>
            <MAP_PERFORMANCE>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <MAP_PARALLEL>
                    <EXTERNAL_SCANNERS>6</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>8</SCANNER_APPLIANCES>
                    <NETBLOCK_SIZE>16384 IPs</NETBLOCK_SIZE>
                </MAP_PARALLEL>
                <PACKET_DELAY>Minimum</PACKET_DELAY>
            </MAP_PERFORMANCE>
            <MAP_AUTHENTICATION>vCenter</MAP_AUTHENTICATION>
            <DISCONNECTED_ESXI>1</DISCONNECTED_ESXI>
        </MAP>
        <ADDITIONAL>
            <HOST_DISCOVERY>
                <TCP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </TCP_PORTS>
                <UDP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </UDP_PORTS>
                <ICMP>1</ICMP>
            </HOST_DISCOVERY>
            <PACKET_OPTIONS>
                <IGNORE_FIREWALL_GENERATED_TCP_RST>0</IGNORE_FIREWALL_GENERATED_TCP_RST>
                <IGNORE_ALL_TCP_RST>0</IGNORE_ALL_TCP_RST>
                <IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>0</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>
                <NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>0</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
            </PACKET_OPTIONS>
        </ADDITIONAL>
    </OPTION_PROFILE>
</OPTION_PROFILES>

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "
https://<qualys_base_url>/api/3.0/simple_return.dtd">
<SIMPLE_RETURN>
    <RESPONSE>
        <DATETIME>2024-07-09T07:04:17Z</DATETIME>
        <TEXT>Successfully imported Option profile for the subscription Id 194334</TEXT>
        <ITEM_LIST>
            <ITEM>
                <KEY>2639624</KEY>
                <VALUE>
                          Option_profile_vCenter_scan_disconnected_esxi_import_file
</VALUE>
            </ITEM>
        </ITEM_LIST>
    </RESPONSE>
</SIMPLE_RETURN>

DTD (Request POST Data)

<platform API server>/api/3.0/fo/subscription/option_profile/option_profile_info.dtd

DTD (XML Output)

<platform API server>/api/3.0/simple_return.dtd

V4.0

POST/api/4.0/fo/subscription/option_profile/?action=import

Import all option profiles defined in input XML file to the user's account. Manager role is required.

When calling the Import Option Profile API the user needs to pass the proper XML with Content-Type XML. This will create option profiles in that user’s subscription. All validations are applied as in the Qualys portal UI while creating option profiles using the API.

Validations and Constraints:

1) The Option Profile DTD file is used to validate a generated/exported Option Profile XML file.

2) An XSD file is used to validate a proper format and required elements of the option profile XML file when importing this file.

3) While importing, any Search Lists defined for Vulnerability Detection, Custom and/or Excluded Lists, must be created in the user’s subscription before making an Import Option Profile call. At import time we try to match the Search List “title” to a search list title in the user’s subscription. If a match is found the search list is used, otherwise “Complete” Vulnerability Detection is assigned.

4) Password Brute Force Lists are not imported and will always be empty assigned, regardless of Option Profile XML content.

5) Policies defined for the PC Scan Restriction feature are not imported and will be empty assigned, regardless of Option Profile XML content.

Input ParametersInput Parameters

Parameter

Required/Optional

Data Type

Description

action=import

Required

 String 

Specify action to import option profile.

echo_request={0|1}

Optional

 Integer 

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.
scan_disconnected_esxi Optional Boolean Launch the authenticated scan on ESXi hosts without creating VMware authorization records and VMware, vCenter mapping.
1 - If set to 1, the Disconnected ESXi checkbox is selected.
0 - If set to 0, the Disconnected ESXi checkbox is not selected

Sample - Import Option ProfileSample - Import Option Profile

API Request

curl --location "https://<qualys_base_url>/api/3.0/fo/subscription/option_profile/?action=import"\
--header "X-Requested-With: postman" \
--header "Content-Type: application/xml" \
--header "Authorization: Basic YWdtc19uYjpRYXRlbXAxMjMj" \
--data

Request POST Data

<!DOCTYPE OPTION_PROFILES SYSTEM "<qualys_base_url>/api/3.0/fo/subscription/option_profile/option_profile_info.dtd">
<OPTION_PROFILES>
    <OPTION_PROFILE>
        <BASIC_INFO>
            <ID>2639142</ID>
            <GROUP_NAME>
                <![CDATA[Option_profile_vCenter_scan_disconnected_esxi_mobimport]]>
            </GROUP_NAME>
            <GROUP_TYPE>user</GROUP_TYPE>
            <USER_ID>
                <![CDATA[John Manager (agms_jb)]]>
            </USER_ID>
            <UNIT_ID>0</UNIT_ID>
            <SUBSCRIPTION_ID>194334</SUBSCRIPTION_ID>
            <IS_DEFAULT>0</IS_DEFAULT>
            <IS_GLOBAL>0</IS_GLOBAL>
            <IS_OFFLINE_SYNCABLE>0</IS_OFFLINE_SYNCABLE>
            <UPDATE_DATE>2024-07-08T13:16:26Z</UPDATE_DATE>
        </BASIC_INFO>
        <SCAN>
            <PORTS>
                <TCP_PORTS>
                    <TCP_PORTS_TYPE>none</TCP_PORTS_TYPE>
                    <THREE_WAY_HANDSHAKE>0</THREE_WAY_HANDSHAKE>
                </TCP_PORTS>
                <UDP_PORTS>
                    <UDP_PORTS_TYPE>none</UDP_PORTS_TYPE>
                </UDP_PORTS>
                <AUTHORITATIVE_OPTION>0</AUTHORITATIVE_OPTION>
            </PORTS>
            <SCAN_DEAD_HOSTS>0</SCAN_DEAD_HOSTS>
            <PURGE_OLD_HOST_OS_CHANGED>0</PURGE_OLD_HOST_OS_CHANGED>
            <PERFORMANCE>
                <PARALLEL_SCALING>0</PARALLEL_SCALING>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <HOSTS_TO_SCAN>
                    <EXTERNAL_SCANNERS>15</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>30</SCANNER_APPLIANCES>
                </HOSTS_TO_SCAN>
                <PROCESSES_TO_RUN>
                    <TOTAL_PROCESSES>10</TOTAL_PROCESSES>
                    <HTTP_PROCESSES>10</HTTP_PROCESSES>
                </PROCESSES_TO_RUN>
                <PACKET_DELAY>Medium</PACKET_DELAY>
                <PORT_SCANNING_AND_HOST_DISCOVERY>Normal</PORT_SCANNING_AND_HOST_DISCOVERY>
            </PERFORMANCE>
            <LOAD_BALANCER_DETECTION>0</LOAD_BALANCER_DETECTION>
            <VULNERABILITY_DETECTION>
                <COMPLETE>
                    <![CDATA[complete]]>
                </COMPLETE>
                <DETECTION_INCLUDE>
                    <BASIC_HOST_INFO_CHECKS>0</BASIC_HOST_INFO_CHECKS>
                    <OVAL_CHECKS>0</OVAL_CHECKS>
                    <QRDI_CHECKS>0</QRDI_CHECKS>
                </DETECTION_INCLUDE>
            </VULNERABILITY_DETECTION>
            <ADDL_CERT_DETECTION>0</ADDL_CERT_DETECTION>
        </SCAN>
        <MAP>
            <BASIC_INFO_GATHERING_ON>none</BASIC_INFO_GATHERING_ON>
            <MAP_OPTIONS>
                <PERFORM_LIVE_HOST_SWEEP>0</PERFORM_LIVE_HOST_SWEEP>
                <DISABLE_DNS_TRAFFIC>0</DISABLE_DNS_TRAFFIC>
            </MAP_OPTIONS>
            <MAP_PERFORMANCE>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <MAP_PARALLEL>
                    <EXTERNAL_SCANNERS>6</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>8</SCANNER_APPLIANCES>
                    <NETBLOCK_SIZE>16384 IPs</NETBLOCK_SIZE>
                </MAP_PARALLEL>
                <PACKET_DELAY>Minimum</PACKET_DELAY>
            </MAP_PERFORMANCE>
            <MAP_AUTHENTICATION>vCenter</MAP_AUTHENTICATION>
            <DISCONNECTED_ESXI>1</DISCONNECTED_ESXI>
        </MAP>
        <ADDITIONAL>
            <HOST_DISCOVERY>
                <TCP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </TCP_PORTS>
                <UDP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </UDP_PORTS>
                <ICMP>1</ICMP>
            </HOST_DISCOVERY>
            <PACKET_OPTIONS>
                <IGNORE_FIREWALL_GENERATED_TCP_RST>0</IGNORE_FIREWALL_GENERATED_TCP_RST>
                <IGNORE_ALL_TCP_RST>0</IGNORE_ALL_TCP_RST>
                <IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>0</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>
                <NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>0</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
            </PACKET_OPTIONS>
        </ADDITIONAL>
    </OPTION_PROFILE>
</OPTION_PROFILES>

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "
https://<qualys_base_url>/api/3.0/simple_return.dtd">
<SIMPLE_RETURN>
    <RESPONSE>
        <DATETIME>2024-07-09T06:53:47Z</DATETIME>
        <TEXT>Successfully imported Option profile for the subscription Id 194334</TEXT>
        <ITEM_LIST>
            <ITEM>
                <KEY>2639623</KEY>
                <VALUE>
                          Option_profile_vCenter_scan_disconnected_esxi_mobimport
</VALUE>
            </ITEM>
        </ITEM_LIST>
    </RESPONSE>
</SIMPLE_RETURN>

Sample - Import Option ProfileSample - Import Option Profile

where the file “Export_OP.xml” contains the request POST data

API Request

curl --location
"https://<qualys_base_url>/api/3.0/fo/subscription/option_profile/?action=import"
\
--header "X-Requested-With: postman" \
--header "Content-Type: application/xml" \
--header "Authorization: Basic YWdtc19uYjpRYXRlbXAxMjMj" \

Request POST Data

<OPTION_PROFILES>
    <OPTION_PROFILE>
        <BASIC_INFO>
            <ID>2639142</ID>
            <GROUP_NAME>
                <![CDATA[Option_profile_vCenter_scan_disconnected_esxi_mobimport]]>
            </GROUP_NAME>
            <GROUP_TYPE>user</GROUP_TYPE>
            <USER_ID>
                <![CDATA[John Manager (agms_jb)]]>
            </USER_ID>
            <UNIT_ID>0</UNIT_ID>
            <SUBSCRIPTION_ID>194334</SUBSCRIPTION_ID>
            <IS_DEFAULT>0</IS_DEFAULT>
            <IS_GLOBAL>0</IS_GLOBAL>
            <IS_OFFLINE_SYNCABLE>0</IS_OFFLINE_SYNCABLE>
            <UPDATE_DATE>2024-07-08T13:16:26Z</UPDATE_DATE>
        </BASIC_INFO>
        <SCAN>
            <PORTS>
                <TCP_PORTS>
                    <TCP_PORTS_TYPE>none</TCP_PORTS_TYPE>
                    <THREE_WAY_HANDSHAKE>0</THREE_WAY_HANDSHAKE>
                </TCP_PORTS>
                <UDP_PORTS>
                    <UDP_PORTS_TYPE>none</UDP_PORTS_TYPE>
                </UDP_PORTS>
                <AUTHORITATIVE_OPTION>0</AUTHORITATIVE_OPTION>
            </PORTS>
            <SCAN_DEAD_HOSTS>0</SCAN_DEAD_HOSTS>
            <PURGE_OLD_HOST_OS_CHANGED>0</PURGE_OLD_HOST_OS_CHANGED>
            <PERFORMANCE>
                <PARALLEL_SCALING>0</PARALLEL_SCALING>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <HOSTS_TO_SCAN>
                    <EXTERNAL_SCANNERS>15</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>30</SCANNER_APPLIANCES>
                </HOSTS_TO_SCAN>
                <PROCESSES_TO_RUN>
                    <TOTAL_PROCESSES>10</TOTAL_PROCESSES>
                    <HTTP_PROCESSES>10</HTTP_PROCESSES>
                </PROCESSES_TO_RUN>
                <PACKET_DELAY>Medium</PACKET_DELAY>
                <PORT_SCANNING_AND_HOST_DISCOVERY>Normal</PORT_SCANNING_AND_HOST_DISCOVERY>
            </PERFORMANCE>
            <LOAD_BALANCER_DETECTION>0</LOAD_BALANCER_DETECTION>
            <VULNERABILITY_DETECTION>
                <COMPLETE>
                    <![CDATA[complete]]>
                </COMPLETE>
                <DETECTION_INCLUDE>
                    <BASIC_HOST_INFO_CHECKS>0</BASIC_HOST_INFO_CHECKS>
                    <OVAL_CHECKS>0</OVAL_CHECKS>
                    <QRDI_CHECKS>0</QRDI_CHECKS>
                </DETECTION_INCLUDE>
            </VULNERABILITY_DETECTION>
            <ADDL_CERT_DETECTION>0</ADDL_CERT_DETECTION>
        </SCAN>
        <MAP>
            <BASIC_INFO_GATHERING_ON>none</BASIC_INFO_GATHERING_ON>
            <MAP_OPTIONS>
                <PERFORM_LIVE_HOST_SWEEP>0</PERFORM_LIVE_HOST_SWEEP>
                <DISABLE_DNS_TRAFFIC>0</DISABLE_DNS_TRAFFIC>
            </MAP_OPTIONS>
            <MAP_PERFORMANCE>
                <OVERALL_PERFORMANCE>Normal</OVERALL_PERFORMANCE>
                <MAP_PARALLEL>
                    <EXTERNAL_SCANNERS>6</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>8</SCANNER_APPLIANCES>
                    <NETBLOCK_SIZE>16384 IPs</NETBLOCK_SIZE>
                </MAP_PARALLEL>
                <PACKET_DELAY>Minimum</PACKET_DELAY>
            </MAP_PERFORMANCE>
            <MAP_AUTHENTICATION>vCenter</MAP_AUTHENTICATION>
            <DISCONNECTED_ESXI>1</DISCONNECTED_ESXI>
        </MAP>
        <ADDITIONAL>
            <HOST_DISCOVERY>
                <TCP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </TCP_PORTS>
                <UDP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </UDP_PORTS>
                <ICMP>1</ICMP>
            </HOST_DISCOVERY>
            <PACKET_OPTIONS>
                <IGNORE_FIREWALL_GENERATED_TCP_RST>0</IGNORE_FIREWALL_GENERATED_TCP_RST>
                <IGNORE_ALL_TCP_RST>0</IGNORE_ALL_TCP_RST>
                <IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>0</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>
                <NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>0</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
            </PACKET_OPTIONS>
        </ADDITIONAL>
    </OPTION_PROFILE>
</OPTION_PROFILES>

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "
https://<qualys_base_url>/api/3.0/simple_return.dtd">
<SIMPLE_RETURN>
    <RESPONSE>
        <DATETIME>2024-07-09T07:04:17Z</DATETIME>
        <TEXT>Successfully imported Option profile for the subscription Id 194334</TEXT>
        <ITEM_LIST>
            <ITEM>
                <KEY>2639624</KEY>
                <VALUE>
                          Option_profile_vCenter_scan_disconnected_esxi_import_file
</VALUE>
            </ITEM>
        </ITEM_LIST>
    </RESPONSE>
</SIMPLE_RETURN>

DTD (Request POST Data)

<platform API server>/api/4.0/fo/subscription/option_profile/option_profile_info.dtd

DTD (XML Output)

<platform API server>/api/4.0/simple_return.dtd

V5.0

POST/api/5.0/fo/subscription/option_profile/?action=import

Import all option profiles defined in input XML file to the user's account. Manager role is required.

When calling the Import Option Profile API the user needs to pass the proper XML with Content-Type XML. This will create option profiles in that user’s subscription. All validations are applied as in the Qualys portal UI while creating option profiles using the API.

Validations and Constraints:

1) The Option Profile DTD file is used to validate a generated/exported Option Profile XML file.

2) An XSD file is used to validate a proper format and required elements of the option profile XML file when importing this file.

3) While importing, any Search Lists defined for Vulnerability Detection, Custom and/or Excluded Lists, must be created in the user’s subscription before making an Import Option Profile call. At import time we try to match the Search List “title” to a search list title in the user’s subscription. If a match is found the search list is used, otherwise “Complete” Vulnerability Detection is assigned.

4) Password Brute Force Lists are not imported and will always be empty assigned, regardless of Option Profile XML content.

5) Policies defined for the PC Scan Restriction feature are not imported and will be empty assigned, regardless of Option Profile XML content.

Input ParametersInput Parameters

Parameter

Required/Optional

Data Type

Description

action=import

Required

 String 

Specify action to import option profile.

echo_request={0|1}

Optional

 Integer 

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.
scan_disconnected_esxi Optional Boolean Launch the authenticated scan on ESXi hosts without creating VMware authorization records and VMware, vCenter mapping.
1 - If set to 1, the Disconnected ESXi checkbox is selected.
0 - If set to 0, the Disconnected ESXi checkbox is not selected

Sample - Import Option ProfileSample - Import Option Profile

API Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -H "content-type: text/xml" -H "X-Requested-With:curl" -X "POST" --data-binary @/home/<username>/John/Export_Op_agent_corr_enbaled.xml "<qualys_base_url>/api/5.0/fo/subscription/option_profile/?action=import"

Request POST Data

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "<qualys_base_url>/api/5.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2025-09-26T10:28:48Z</DATETIME>
    <TEXT>Successfully imported Option profile for the subscription Id 4027198</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>7779470</KEY>
        <VALUE>agent correlation enabled OP</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

DTD (Request POST Data)

<platform API server>/api/5.0/fo/subscription/option_profile/option_profile_info.dtd

DTD (XML Output)

<platform API server>/api/5.0/simple_return.dtd

V6.0

POST/api/6.0/fo/subscription/option_profile/?action=import

Import all option profiles defined in input XML file to the user's account. Manager role is required.

When calling the Import Option Profile API the user needs to pass the proper XML with Content-Type XML. This will create option profiles in that user’s subscription. All validations are applied as in the Qualys portal UI while creating option profiles using the API.

Validations and Constraints:

1) The Option Profile DTD file is used to validate a generated/exported Option Profile XML file.

2) An XSD file is used to validate a proper format and required elements of the option profile XML file when importing this file.

3) While importing, any Search Lists defined for Vulnerability Detection, Custom and/or Excluded Lists, must be created in the user’s subscription before making an Import Option Profile call. At import time we try to match the Search List “title” to a search list title in the user’s subscription. If a match is found the search list is used, otherwise “Complete” Vulnerability Detection is assigned.

4) Password Brute Force Lists are not imported and will always be empty assigned, regardless of Option Profile XML content.

5) Policies defined for the PC Scan Restriction feature are not imported and will be empty assigned, regardless of Option Profile XML content.

Input ParameterInput Parameter

Parameter

Required/Optional

Data Type

Description

action=import

Required

 String 

Specify action to import option profile.

echo_request={0|1}

Optional

 Integer 

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.
scan_disconnected_esxi Optional Boolean Launch the authenticated scan on ESXi hosts without creating VMware authorization records and VMware, vCenter mapping.
1 - If set to 1, the Disconnected ESXi checkbox is selected.
0 - If set to 0, the Disconnected ESXi checkbox is not selected
 

Sample - Import Option ProfileSample - Import Option Profile

API Request

curl --location --request POST  '<qualys_base_url>/api/6.0/fo/subscription/option_profile/?action=import' \
--header 'Content-Type: application/xml' \
--header 'Accept: */*' \
--header 'x-requested-with: curl demo2' \
--header 'Authorization: Bearer <JWT Token \
--data '<?xml version="1.0" encoding="UTF-8" ?>

Request POST Data

<!DOCTYPE OPTION_PROFILES SYSTEM "<qualys_base_url>/api/6.0/fo/subscription/option_profile/option_profile_info.dtd">
<OPTION_PROFILES>
    <OPTION_PROFILE>
        <BASIC_INFO>
            <ID>3494139</ID>
            <GROUP_NAME>
                <![CDATA[Import Option Profile 1]]>
            </GROUP_NAME>
            <GROUP_TYPE>user</GROUP_TYPE>
            <USER_ID>
                <![CDATA[Aditya Gangadharan (vmsp_ag1)]]>
            </USER_ID>
            <UNIT_ID>0</UNIT_ID>
            <SUBSCRIPTION_ID>970969</SUBSCRIPTION_ID>
            <IS_DEFAULT>0</IS_DEFAULT>
            <IS_GLOBAL>1</IS_GLOBAL>
            <IS_OFFLINE_SYNCABLE>1</IS_OFFLINE_SYNCABLE>
            <UPDATE_DATE>2026-01-19T06:54:38Z</UPDATE_DATE>
        </BASIC_INFO>
        <SCAN>
            <PORTS>
                <TCP_PORTS>
                    <TCP_PORTS_TYPE>standard</TCP_PORTS_TYPE>
                    <THREE_WAY_HANDSHAKE>0</THREE_WAY_HANDSHAKE>
                </TCP_PORTS>
                <UDP_PORTS>
                    <UDP_PORTS_TYPE>standard</UDP_PORTS_TYPE>
                    <UDP_PORTS_ADDITIONAL>
                        <HAS_ADDITIONAL>1</HAS_ADDITIONAL>
                        <ADDITIONAL_PORTS>8080</ADDITIONAL_PORTS>
                    </UDP_PORTS_ADDITIONAL>
                </UDP_PORTS>
                <AUTHORITATIVE_OPTION>0</AUTHORITATIVE_OPTION>
            </PORTS>
            <SCAN_DEAD_HOSTS>1</SCAN_DEAD_HOSTS>
            <CLOSE_VULNERABILITIES>
                <HAS_CLOSE_VULNERABILITIES>1</HAS_CLOSE_VULNERABILITIES>
                <HOST_NOT_FOUND_ALIVE>2</HOST_NOT_FOUND_ALIVE>
            </CLOSE_VULNERABILITIES>
            <PURGE_OLD_HOST_OS_CHANGED>0</PURGE_OLD_HOST_OS_CHANGED>
            <PERFORMANCE>
                <PARALLEL_SCALING>1</PARALLEL_SCALING>
                <OVERALL_PERFORMANCE>High</OVERALL_PERFORMANCE>
                <HOSTS_TO_SCAN>
                    <EXTERNAL_SCANNERS>20</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>50</SCANNER_APPLIANCES>
                </HOSTS_TO_SCAN>
                <PROCESSES_TO_RUN>
                    <TOTAL_PROCESSES>20</TOTAL_PROCESSES>
                    <HTTP_PROCESSES>20</HTTP_PROCESSES>
                </PROCESSES_TO_RUN>
                <PACKET_DELAY>Short</PACKET_DELAY>
                <PORT_SCANNING_AND_HOST_DISCOVERY>Normal</PORT_SCANNING_AND_HOST_DISCOVERY>
            </PERFORMANCE>
            <LOAD_BALANCER_DETECTION>1</LOAD_BALANCER_DETECTION>
            <PASSWORD_BRUTE_FORCING>
                <SYSTEM>
                    <HAS_SYSTEM>1</HAS_SYSTEM>
                    <SYSTEM_LEVEL>Standard</SYSTEM_LEVEL>
                </SYSTEM>
            </PASSWORD_BRUTE_FORCING>
            <VULNERABILITY_DETECTION>
                <COMPLETE>
                    <![CDATA[complete]]>
                </COMPLETE>
                <DETECTION_INCLUDE>
                    <BASIC_HOST_INFO_CHECKS>0</BASIC_HOST_INFO_CHECKS>
                    <OVAL_CHECKS>0</OVAL_CHECKS>
                    <QRDI_CHECKS>1</QRDI_CHECKS>
                </DETECTION_INCLUDE>
            </VULNERABILITY_DETECTION>
            <AUTHENTICATION>
                <![CDATA[Windows,Unix,Oracle,Oracle Listener,SNMP,VMware,DB2,HTTP,MySQL,MongoDB,Tomcat Server,Oracle Weblogic Server,Palo Alto Networks Firewall,Jboss Server,Sybase,Nutanix,NSX]]>
            </AUTHENTICATION>
            <AUTHENTICATION_LEAST_PRIVILEGE>
                <![CDATA[Unix]]>
            </AUTHENTICATION_LEAST_PRIVILEGE>
            <ADDL_CERT_DETECTION>1</ADDL_CERT_DETECTION>
            <SYSTEM_AUTH_RECORD>
                <INCLUDE_SYSTEM_AUTH>
                    <ON_DUPLICATE_USE_USER_AUTH>1</ON_DUPLICATE_USE_USER_AUTH>
                </INCLUDE_SYSTEM_AUTH>
            </SYSTEM_AUTH_RECORD>
            <LITE_OS_SCAN>1</LITE_OS_SCAN>
            <HOST_ALIVE_TESTING>1</HOST_ALIVE_TESTING>
            <MAX_SCAN_DURATION_PER_ASSET>2500</MAX_SCAN_DURATION_PER_ASSET>
        </SCAN>
        <MAP>
            <BASIC_INFO_GATHERING_ON>all</BASIC_INFO_GATHERING_ON>
            <TCP_PORTS>
                <TCP_PORTS_STANDARD_SCAN>1</TCP_PORTS_STANDARD_SCAN>
            </TCP_PORTS>
            <UDP_PORTS>
                <UDP_PORTS_STANDARD_SCAN>1</UDP_PORTS_STANDARD_SCAN>
            </UDP_PORTS>
            <MAP_OPTIONS>
                <PERFORM_LIVE_HOST_SWEEP>1</PERFORM_LIVE_HOST_SWEEP>
                <DISABLE_DNS_TRAFFIC>1</DISABLE_DNS_TRAFFIC>
            </MAP_OPTIONS>
            <MAP_PERFORMANCE>
                <OVERALL_PERFORMANCE>High</OVERALL_PERFORMANCE>
                <MAP_PARALLEL>
                    <EXTERNAL_SCANNERS>8</EXTERNAL_SCANNERS>
                    <SCANNER_APPLIANCES>10</SCANNER_APPLIANCES>
                    <NETBLOCK_SIZE>4096 IPs</NETBLOCK_SIZE>
                </MAP_PARALLEL>
                <PACKET_DELAY>Minimum</PACKET_DELAY>
            </MAP_PERFORMANCE>
            <MAP_AUTHENTICATION>none</MAP_AUTHENTICATION>
        </MAP>
        <ADDITIONAL>
            <HOST_DISCOVERY>
                <TCP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </TCP_PORTS>
                <UDP_PORTS>
                    <STANDARD_SCAN>1</STANDARD_SCAN>
                </UDP_PORTS>
                <ICMP>1</ICMP>
            </HOST_DISCOVERY>
            <PACKET_OPTIONS>
                <IGNORE_FIREWALL_GENERATED_TCP_RST>1</IGNORE_FIREWALL_GENERATED_TCP_RST>
                <IGNORE_ALL_TCP_RST>1</IGNORE_ALL_TCP_RST>
                <IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>1</IGNORE_FIREWALL_GENERATED_TCP_SYN_ACK>
                <NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>1</NOT_SEND_TCP_ACK_OR_SYN_ACK_DURING_HOST_DISCOVERY>
            </PACKET_OPTIONS>
        </ADDITIONAL>
    </OPTION_PROFILE>
</OPTION_PROFILES>

XML Output

?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "<qualys_base_url>/api/6.0/simple_return.dtd">
<SIMPLE_RETURN>
    <RESPONSE>
        <DATETIME>2026-01-19T09:48:09Z</DATETIME>
        <TEXT>Successfully imported Option profile for the subscription Id 970969</TEXT>
        <ITEM_LIST>
            <ITEM>
                <KEY>3494173</KEY>
                <VALUE>
          
                          Import Option Profile 1
                      
        </VALUE>
            </ITEM>
        </ITEM_LIST>
    </RESPONSE>
</SIMPLE_RETURN> 

DTD (Request POST Data)

<platform API server>/api/6.0/fo/subscription/option_profile/option_profile_info.dtd

DTD (XML Output)

<platform API server>/api/6.0/simple_return.dtd

API Version History

The following table depicts the information about the different versions of this API along with the status:

API Version EOS EOL
/api/6.0/fo/subscription/option_profile/?action=import Active Active
/api/5.0/fo/subscription/option_profile/?action=import July 2026 January 2027
/api/4.0/fo/subscription/option_profile/?action=import December 2025 June 2026
/api/3.0/fo/subscription/option_profile/?action=import December 2025 June 2026
/api/2.0/fo/subscription/option_profile/?action=import December 2025 June 2026

 

 

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.