For API version information, refer to the API Version History section.
Create a VM option profile in the user's account.
Permissions - A Manager will be able to create option profiles in the subscription. A Unit Manager will be able to create option profiles for users in their business unit.
A Manager will be able to create, update, and delete option profiles in the subscription, and a Unit Manager will be able to create, update, and delete option profiles for users in their business unit.
Parameter |
Required/Optional |
Data Type |
Description |
---|---|---|---|
action=create |
Required |
String |
Specify action to create VM option profile. |
echo_request={0|1} |
Optional |
Integer |
Specify 1 to view (echo) input parameters in the XML output. By default these are not included. |
title={value} |
Required |
String |
The title of the option profile. |
id=value | Required | Integer |
An option profile ID. |
scan_tcp_ports={none|full|standard|light} |
Required | Boolean | We use ports to send packets to the host in order to determine whether the host is alive and also to do fingerprinting for the discovery of services. Specify “full” to scan all ports, “standard” to scan standard ports or “light” to scan fewer ports. We will scan the standard list of ports unless you choose a different option in the profile. |
scan_udp_ports={none|full standard|light} |
Required |
Boolean |
Specify “full” to scan all ports, “standard” to scan standard ports or “light” to scan fewer ports. We will scan the standard list of ports unless you choose a different option in the profile. |
vulnerability_detection= {complete|custom|runtime} |
Required |
Integer |
With a "complete" scan we'll scan for all vulnerabilities (QIDs) in the KnowledgeBase applicable to each host being scanned. Specify "custom" to limit the scan to specified QIDs only. Then add the QIDs you want to scan. Specify “runtime” to scan QIDs at runtime. |
basic_information_gathering= {all|register|netblockonly|none} |
Required |
Boolean |
Perform basic information gathering on: All: All Hosts (hosts detected by the map), Register: Registered Hosts (hosts in your account), Netblockonly: Netblock Hosts (hosts added by a user to the netblock for the target domain) or None. |
purge_host_data Default value (1) |
Optional | Integer | Specify 1 to purge host data. Especially useful if you have systems that are regularly decommissioned or replaced. By specifying this option you are telling us you want to purge the host if we detect a change in the host's Operating System (OS) vendor at scan time, for example the OS changed from Linux to Windows or Debian to Ubuntu. We will not purge the host for an OS version change like Linux 2.8.13 to Linux 2.9.4. |
scan_parallel_scaling Default value (1) |
Optional | Integer |
Useful in subscriptions that have physical and virtual scanner appliances with different performance characteristics (For example, CPU, RAM). Dynamically scale up the number of hosts to scan in parallel (at scan time) to a calculated value which is based upon the computing resources available on each appliance. Note that the number of hosts to scan in parallel value determines how many hosts each appliance will target concurrently, not how many appliances will be used for the scan. |
enable_dissolvable_ Default value (1) |
Optional | Integer | Required for certain scan features like Windows Share Enumeration. At scan time the Agent is installed on Windows devices to collect data, and once the scan is complete it removes itself completely from target systems. |
authentication Default value |
Optional | String |
Perform a more in-depth assessment and get you the most accurate results with fewer false positives. Specify one or more technologies for the hosts you want to scan. Be sure that you have configured authentication records (under Scans > Authentication) before running your scan. The following options are available: - Windows - Unix - Oracle - Oracle Listener - SNMP - VMware - DB2 - HTTP - MySQL - MongoDB - Tomcat Server - Palo Alto Networks Firewall - Sybase Note: If the end-user does not pass this parameter (authentication=unauth). |
authentication_least_ Default value (Unix) |
Optional | String | Specify authentication_least_privilege=Unix (this value is case sensitive) to use the least privileges required for Unix authentication. When specified, the scanner will not pass root delegation information specified in the Unix record to the scanner for vulnerability scans. When not specified (the default), root delegation will be used if specified in the Unix record. Note: Unix authentication must be enabled in the same option profile (authentication=Unix). |
icmp Default value (0) |
Optional | Integer | Discover live hosts that respond to an ICMP ping. Default setting is 1. |
ignore_firewall_ Default value (1) |
Optional | Integer | Specify 1 to ignore all TCP RESET packets - firewall-generated and live-host-generated. |
ignore_firewall_generated_ Default value (1) |
Optional | Integer | Specify 1 to determine if TCP SYN-ACK packets are generated by a filtering device and ignore packets that appear to originate from such devices |
Click here to view list of optional parameters
API Request
curl -u "USERNAME:PASSWORD" -H "X-Requested-With:curl" -X POST"action=create&title=99&global=1&scan_tcp_ports=full&scan_udp_ports=standard&&scan_overall_performance=normal&vulnerability_detection=complete&basic_information_gathering=all" "http://<qualys_base_url>/api/2.0/fo/subscription/option_profile/vm/"
XML Output
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "http://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2018-04-26T06:40:03Z</DATETIME>
<TEXT>Option profile successfully added.</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>32112</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
API Request
curl --location --request POST "/api/2.0/fo/subscription/option_profile/vm/?action=create&title=VM_API_Option_profile_696969&scan_tcp_ports=none&scan_udp_ports=none&vulnerability_detection=complete&basic_information_gatheri ng=none &enable_partial_ssl_tls_auditing=1"
\--header "ContentType: application/x-www-form-urlencoded"
\--header "X-RequestedWith: curl demo2"
\--header 'Accept: "*/*
\--header "Content-Length: 0"
\--header "Authorization: Basic"
XML Output
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM
"<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2023-08-31T10:05:16Z</DATETIME>
<TEXT>Option profile successfully added.</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>2445054</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
PI Request
curl -u "USERNAME:PASSWORD" -H "X-Requested-With:curl" -X POST"?action=create&purge_host_data=1&scan_parallel_scaling=1&scan_scanner
_appliances=50&scan_total_process=20&scan
_http_process=20&authentication_
least_privilege=Unix&enable_dissolvable_agent=1&icmp=0&ignore_
firewall_generated_tcp_rst_packets=1&ignore_firewall_generated_
tcp_syn_ack_packets=1&title=VM_API_Option_profile&scan_tcp_
ports=none&scan_udp_ports=none&vulnerability_detection=
complete&basic_information_gathering=none&scan_overall_
performance=custom&authentication=Unix" '<qualys_base_url>/api/2.0/fo/subscription/option_profile/vm/'
XML Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM
"<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2024-08-23T07:45:54Z</DATETIME>
<TEXT>Option profile successfully added.</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>2665297</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
<platform API server>/api/2.0/simple_return.dtd
Create a VM option profile in the user's account.
Permissions - A Manager will be able to create option profiles in the subscription. A Unit Manager will be able to create option profiles for users in their business unit.
A Manager will be able to create, update, and delete option profiles in the subscription, and a Unit Manager will be able to create, update, and delete option profiles for users in their business unit.
Input ParameterInput Parameter
Parameter |
Required/Optional |
Data Type |
Description |
---|---|---|---|
action=create |
Required |
String |
Specify action to create VM option profile. |
echo_request={0|1} |
Optional |
Integer |
Specify 1 to view (echo) input parameters in the XML output. By default these are not included. |
title={value} |
Required |
String |
The title of the option profile. |
id=value | Required | Integer |
An option profile ID. |
scan_tcp_ports={none|full|standard|light} |
Required | Boolean | We use ports to send packets to the host in order to determine whether the host is alive and also to do fingerprinting for the discovery of services. Specify “full” to scan all ports, “standard” to scan standard ports or “light” to scan fewer ports. We will scan the standard list of ports unless you choose a different option in the profile. |
scan_udp_ports={none|full standard|light} |
Required |
Boolean |
Specify “full” to scan all ports, “standard” to scan standard ports or “light” to scan fewer ports. We will scan the standard list of ports unless you choose a different option in the profile. |
vulnerability_detection= {complete|custom|runtime} |
Required |
Integer |
With a "complete" scan we'll scan for all vulnerabilities (QIDs) in the KnowledgeBase applicable to each host being scanned. Specify "custom" to limit the scan to specified QIDs only. Then add the QIDs you want to scan. Specify “runtime” to scan QIDs at runtime. |
basic_information_gathering= {all|register|netblockonly|none} |
Required |
Boolean |
Perform basic information gathering on: All: All Hosts (hosts detected by the map), Register: Registered Hosts (hosts in your account), Netblockonly: Netblock Hosts (hosts added by a user to the netblock for the target domain) or None. |
scan_disconnected_esxi | Optional | Boolean | Launch the authenticated scan on ESXi hosts without creating VMware authorization records and VMware, vCenter mapping. 1 - If set to 1, the Disconnected ESXi checkbox is selected. 0 - If set to 0, the Disconnected ESXi checkbox is not selected. |
Click here to view list of optional parameters
API Request
curl -u "USERNAME:PASSWORD" -H "X-Requested-With:curl" -X POST"action=create&title=Option_profile_vCenter_scan_disconnected_esxi&scan_tcp_ports=none&scan_udp_ports=none&vulnerability_detection=complete&basic_information_gathering=none&map_authentication=vCenter&scan_disconnected_esxi=1"
"https://<qualys_base_url>/api/3.0/fo/subscription/option_profile/vm/"
XML Output
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE SIMPLE_RETURN SYSTEM "https:// <qualys_base_url>/api/3.0/simple_return.dtd"> <SIMPLE_RETURN> <RESPONSE> <DATETIME>2024-07-01T09:55:47Z</DATETIME> <TEXT>Option profile successfully added.</TEXT> <ITEM_LIST> <ITEM> <KEY>ID</KEY> <VALUE>2633919</VALUE> </ITEM> </ITEM_LIST> </RESPONSE> </SIMPLE_RETURN>
API Request
curl --location --request POST "https://<qualys_base_url>/api/3.0/fo/subscription/option_profile/vm/?action=create&title=VM_API_Option_profile_696969_mob&scan_tcp_ports=none&scan_udp_ports=none&vulnerability_detection=complete&basic_information_gathering=none%20&enable_partial_ssl_tls_auditing=1" \--header "Content-Type: application/x-www-form-urlencoded" \--header "X-Requested-With: curl demo2" \--header "Accept: */* " \--header "Content-Length: 0" \--header "Authorization: Basic YWdtc19uYjpRYXRlbXAxMjMj"
XML Output
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE SIMPLE_RETURN SYSTEM " https://<qualys_base_url>/api/3.0/simple_return.dtd"> <SIMPLE_RETURN> <RESPONSE> <DATETIME>2024-07-09T07:16:57Z</DATETIME> <TEXT>Option profile successfully added.</TEXT> <ITEM_LIST> <ITEM> <KEY>ID</KEY> <VALUE>2639625</VALUE> </ITEM> </ITEM_LIST> </RESPONSE> </SIMPLE_RETURN>
<platform API server>/api/3.0/simple_return.dtd
The following table depicts the information about the different versions of this API along with the status:
API Version | API Status | Release Date |
/api/2.0/fo/subscription/option_profile/?action=create | To be deprecated | January 2025 |
/api/3.0/fo/subscription/option_profile/?action=create | Active |
July 2024 |
Was this topic helpful?