Policy Audit Release 1.1.0 API
July 7, 2025 (Updated on July 16, 2025)
Before understanding the API release highlights, learn more about the API server URL to be used in your API requests by referring to the Know Your Qualys API Server URL section. For this API Release Notes, <qualys_base_url> is mentioned in the sample API requests.
We have implemented versioning for APIs. For more information on API versioning, refer to the Introducing API Versioning: A Strategic Upgrade for Enhanced Stability and Control for API Integrations blog.
Polices API: View Control Status for a Policy
| New or Updated API | Updated |
| API Endpoint (deprecation Timeline - December 2025) | /api/2.0/fo/compliance/policy/ |
| API Endpoint (New Version) |
/api/3.0/fo/compliance/policy/ |
| Method | GET and POST |
| DTD or XSD changes | Yes |
With this release, we have added a new tag - STATUS to the List Policies API. With the addition you can view the status (either active or inactive) of each Control associated to the Policy.
To ensure alignment with the Policy List API, the Policy Export and Policy Import APIs are now on version 3.0 (v3.0). Support for the new tag is not currently available in these APIs.
List Policies API
Sample - List PolicySample - List Policy
API Request
curl -k -s -S -H 'X-Requested-With:curl demo2' -u "username:Password#" -d "action=list&details=Basic&ids=5744989" "https://<qualys_base_url>/api/3.0/fo/compliance/policy/"
API Response
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE POLICY_LIST_OUTPUT SYSTEM "https://<qualys_base_url>/api/3.0/fo/compliance/policy/policy_list_output.dtd"> <POLICY_LIST_OUTPUT> <RESPONSE> <DATETIME>2025-06-30T06:26:19Z</DATETIME> <POLICY_LIST> <POLICY> <ID>5744989</ID> <TITLE> <![CDATA[One UDC]]> </TITLE> <CREATED> <DATETIME>2025-06-25T15:04:04Z</DATETIME> <BY>ctxta</BY> </CREATED> <LAST_MODIFIED> <DATETIME>2025-06-27T11:57:34Z</DATETIME> <BY>ctxta</BY> </LAST_MODIFIED> <LAST_EVALUATED> <DATETIME>2025-06-30T06:01:44Z</DATETIME> </LAST_EVALUATED> <STATUS> <![CDATA[active]]> </STATUS> <IS_LOCKED>0</IS_LOCKED> <EVALUATE_NOW> <![CDATA[yes]]> </EVALUATE_NOW> <ASSET_GROUP_IDS>10898081,10919108,10926154,10996581,11000130,11000163-11000164,11024194,11035730,11072689,11076105,11080595,11080756,11081917,11111120</ASSET_GROUP_IDS> <CONTROL_LIST> <CONTROL> <ID>1071</ID> <STATEMENT> <![CDATA[Status of the 'Minimum Password Length' setting]]> </STATEMENT> <CRITICALITY> <LABEL> <![CDATA[URGENT]]> </LABEL> <VALUE>5</VALUE> </CRITICALITY> <STATUS> <![CDATA[Active]]> </STATUS> </CONTROL> <CONTROL> <ID>100000</ID> <STATEMENT> <![CDATA[CitiJSONUDC2]]> </STATEMENT> <CRITICALITY> <LABEL> <![CDATA[URGENT]]> </LABEL> <VALUE>5</VALUE> </CRITICALITY> <STATUS> <![CDATA[Active]]> </STATUS> </CONTROL> </CONTROL_LIST> </POLICY> </POLICY_LIST> <GLOSSARY> <ASSET_GROUP_LIST> <ASSET_GROUP> <ID>10898081</ID> <TITLE> <![CDATA[IBMDB2]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>10919108</ID> <TITLE> <![CDATA[Inflobox AG]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>10926154</ID> <TITLE> <![CDATA[ip agent merge case]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11081917</ID> <TITLE> <![CDATA[pyscand ag3]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11111120</ID> <TITLE> <![CDATA[Windows AG nEw]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>10996581</ID> <TITLE> <![CDATA[dtest AG]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11000130</ID> <TITLE> <![CDATA[Windows AG]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11000163</ID> <TITLE> <![CDATA[Vcenter]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11000164</ID> <TITLE> <![CDATA[VMagentPCIP]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11024194</ID> <TITLE> <![CDATA[PC Only Ip]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11035730</ID> <TITLE> <![CDATA[1.1.1.1]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11072689</ID> <TITLE> <![CDATA[red hat 8]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11076105</ID> <TITLE> <![CDATA[pyscand ag2]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11080595</ID> <TITLE> <![CDATA[windows and unix agent ip]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> <ASSET_GROUP> <ID>11080756</ID> <TITLE> <![CDATA[RDS]]> </TITLE> <NETWORK_ID>0</NETWORK_ID> </ASSET_GROUP> </ASSET_GROUP_LIST> </GLOSSARY> </RESPONSE> </POLICY_LIST_OUTPUT>
DTD UpdateDTD Update
A DTD for the List Policies API has been added.
<platform API server>/api/3.0/fo/compliance/policy/policy_list_output.dtd
DTD output for the List Policies API is as follows:
DTD Output
<!-- QUALYS POLICY_LIST_OUTPUT DTD -->
<!-- $Revision$ -->
<!ELEMENT POLICY_LIST_OUTPUT (REQUEST?,RESPONSE)>
<!ELEMENT REQUEST (DATETIME, USER_LOGIN, RESOURCE, PARAM_LIST?, POST_DATA?)>
<!ELEMENT DATETIME (#PCDATA)>
<!ELEMENT USER_LOGIN (#PCDATA)>
<!ELEMENT RESOURCE (#PCDATA)>
<!ELEMENT PARAM_LIST (PARAM+)>
<!ELEMENT PARAM (KEY, VALUE)>
<!ELEMENT KEY (#PCDATA)>
<!ELEMENT VALUE (#PCDATA)>
<!-- if returned, POST_DATA will be urlencoded -->
<!ELEMENT POST_DATA (#PCDATA)>
<!ELEMENT RESPONSE (DATETIME, (POLICY_LIST|ID_SET)?, WARNING_LIST?, GLOSSARY?)>
<!ELEMENT POLICY_LIST (POLICY+)>
<!ELEMENT POLICY (ID, TITLE, CREATED?, LAST_MODIFIED?, LAST_EVALUATED?, STATUS?, IS_LOCKED?, EVALUATE_NOW?, ASSET_GROUP_IDS?, TAG_SET_INCLUDE?, TAG_INCLUDE_SELECTOR?, TAG_SET_EXCLUDE?, TAG_EXCLUDE_SELECTOR?, INCLUDE_AGENT_IPS?, CONTROL_LIST?)>
<!ELEMENT ID (#PCDATA)>
<!ELEMENT TITLE (#PCDATA)>
<!ELEMENT CREATED (DATETIME, BY)>
<!ELEMENT BY (#PCDATA)>
<!ELEMENT LAST_MODIFIED (DATETIME, BY)>
<!ELEMENT LAST_EVALUATED (DATETIME)>
<!ELEMENT STATUS (#PCDATA)>
<!ELEMENT IS_LOCKED (#PCDATA)>
<!ELEMENT EVALUATE_NOW (#PCDATA)>
<!ELEMENT ASSET_GROUP_IDS (#PCDATA)>
<!ATTLIST ASSET_GROUP_IDS has_hidden_data CDATA #IMPLIED>
<!ELEMENT TAG_SET_INCLUDE (TAG_ID+)>
<!ELEMENT TAG_ID (#PCDATA)>
<!ELEMENT TAG_INCLUDE_SELECTOR (#PCDATA)>
<!ELEMENT TAG_SET_EXCLUDE (TAG_ID+)>
<!ELEMENT TAG_EXCLUDE_SELECTOR (#PCDATA)>
<!ELEMENT INCLUDE_AGENT_IPS (#PCDATA)>
<!ELEMENT CONTROL_LIST (CONTROL+)>
<!ELEMENT CONTROL (ID, STATEMENT, CRITICALITY?, STATUS?, DEPRECATED?, TECHNOLOGY_LIST?)>
<!ELEMENT STATEMENT (#PCDATA)>
<!ELEMENT CRITICALITY (LABEL, VALUE)>
<!ELEMENT LABEL (#PCDATA)>
<!ELEMENT DEPRECATED (#PCDATA)>
<!ELEMENT TECHNOLOGY_LIST (TECHNOLOGY+)>
<!ELEMENT TECHNOLOGY (ID, NAME, RATIONALE, CUSTOMIZED, REMEDIATION?)>
<!ELEMENT NAME (#PCDATA)>
<!ELEMENT RATIONALE (#PCDATA)>
<!ELEMENT CUSTOMIZED (#PCDATA)>
<!ELEMENT REMEDIATION (#PCDATA)>
<!ELEMENT ID_SET (ID|ID_RANGE)+>
<!ELEMENT ID_RANGE (#PCDATA)>
<!ELEMENT WARNING_LIST (WARNING+)>
<!ELEMENT WARNING (CODE?, TEXT, URL?)>
<!ELEMENT CODE (#PCDATA)>
<!ELEMENT TEXT (#PCDATA)>
<!ELEMENT URL (#PCDATA)>
<!ELEMENT GLOSSARY (ASSET_GROUP_LIST?, ASSET_TAG_LIST?, USER_LIST?)>
<!ELEMENT ASSET_GROUP_LIST (ASSET_GROUP+)>
<!ELEMENT ASSET_GROUP (ID, TITLE, NETWORK_ID?, IP_SET?)>
<!ELEMENT NETWORK_ID (#PCDATA)>
<!ELEMENT IP_SET (IP|IP_RANGE)+>
<!ELEMENT IP (#PCDATA)>
<!ELEMENT IP_RANGE (#PCDATA)>
<!ELEMENT ASSET_TAG_LIST (ASSET_INCLUDE_TAG_LIST?, ASSET_EXCLUDE_TAG_LIST?)>
<!ELEMENT ASSET_INCLUDE_TAG_LIST (TAG+)>
<!ELEMENT ASSET_EXCLUDE_TAG_LIST (TAG+)>
<!ELEMENT TAG (TAG_ID?, TAG_NAME?)>
<!ELEMENT TAG_NAME (#PCDATA)>
<!ELEMENT USER_LIST (USER+)>
<!ELEMENT USER (USER_LOGIN, FIRST_NAME, LAST_NAME)>
<!ELEMENT FIRST_NAME (#PCDATA)>
<!ELEMENT LAST_NAME (#PCDATA)>
<!-- EOF -->
Policy Export API
Sample - Policy ExportSample - Policy Export
API Request
curl -k -s -S -H 'X-Requested-With:curl demo2' -u "username:Password#" -d "action=export&id=5744989&show_user_controls=1" "https://<qualys_base_url>/api/3.0/fo/compliance/policy/"> Policy_export_V3sample.xml
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE POLICY_EXPORT_OUTPUT SYSTEM "https://<qualys_base_url>/api/3.0/fo/compliance/policy/policy_export_output.dtd">
<POLICY_EXPORT_OUTPUT>
<RESPONSE>
<DATETIME>2025-06-27T12:02:10Z</DATETIME>
<POLICY>
<TITLE><![CDATA[One UDC]]></TITLE>
<EXPORTED><![CDATA[2025-06-27T12:02:10Z]]></EXPORTED>
<COVER_PAGE><![CDATA[]]></COVER_PAGE>
<STATUS><![CDATA[active]]></STATUS>
<TECHNOLOGIES total="1">
<TECHNOLOGY>
<ID>80</ID>
<NAME>CentOS 7.x</NAME>
</TECHNOLOGY>
</TECHNOLOGIES>
<SECTIONS total="2">
<SECTION>
<NUMBER>1</NUMBER>
<HEADING><![CDATA[UDC]]></HEADING>
<CONTROLS total="1">
<USER_DEFINED_CONTROL>
<ID>100000</ID>
<UDC_ID>3e8fada3-8bc3-f557-8115-c567323d327a</UDC_ID>
<CHECK_TYPE>Unix File/Directory Existence</CHECK_TYPE>
<IS_CONTROL_DISABLE><![CDATA[0]]></IS_CONTROL_DISABLE>
<CATEGORY>
<ID>2</ID>
<NAME><![CDATA[Web Application Services]]></NAME>
</CATEGORY>
<SUB_CATEGORY>
<ID>1028</ID>
<NAME><![CDATA[Web Server/Tier Settings]]></NAME>
</SUB_CATEGORY>
<STATEMENT><![CDATA[CitiJSONUDC2]]></STATEMENT>
<CRITICALITY>
<LABEL><![CDATA[URGENT]]></LABEL>
<VALUE>5</VALUE>
</CRITICALITY>
<COMMENT><![CDATA[]]></COMMENT>
<USE_AGENT_ONLY>0</USE_AGENT_ONLY>
<AUTO_UPDATE>0</AUTO_UPDATE>
<IGNORE_ERROR>0</IGNORE_ERROR>
<IGNORE_ITEM_NOT_FOUND>0</IGNORE_ITEM_NOT_FOUND>
<SCAN_PARAMETERS>
<FILE_PATH><![CDATA[/etc/profile]]></FILE_PATH>
<DATA_TYPE>Boolean</DATA_TYPE>
<DESCRIPTION><![CDATA[NA]]></DESCRIPTION>
</SCAN_PARAMETERS>
<TECHNOLOGIES total="1">
<TECHNOLOGY>
<ID>80</ID>
<NAME>CentOS 7.x</NAME>
<EVALUATE><CTRL><DP><K>custom.file_dir_exist.4211083</K><L>2</L><V>true</V></DP></CTRL></EVALUATE>
<RATIONALE><![CDATA[RA]]></RATIONALE>
<REMEDIATION><![CDATA[]]></REMEDIATION>
<DATAPOINT>
<CARDINALITY>no cd</CARDINALITY>
<OPERATOR>no op</OPERATOR>
<DEFAULT_VALUES total="1">
<DEFAULT_VALUE>true</DEFAULT_VALUE>
</DEFAULT_VALUES>
</DATAPOINT>
</TECHNOLOGY>
</TECHNOLOGIES>
<REFERENCE_LIST/>
</USER_DEFINED_CONTROL>
</CONTROLS>
</SECTION>
<SECTION>
<NUMBER>2</NUMBER>
<HEADING><![CDATA[SDC]]></HEADING>
<CONTROLS total="1">
<CONTROL>
<ID>1071</ID>
<CRITICALITY>
<LABEL><![CDATA[URGENT]]></LABEL>
<VALUE>5</VALUE>
</CRITICALITY>
<IS_CONTROL_DISABLE><![CDATA[0]]></IS_CONTROL_DISABLE>
<TECHNOLOGIES total="1">
<TECHNOLOGY>
<ID>80</ID>
<NAME>CentOS 7.x</NAME>
<EVALUATE><CTRL><DP><K>rh06.secman.system.logindefs-min-password-length</K><OP>ge</OP><V>0</V><FV set="1">161803399999999</FV><FV set="1">314159265358979</FV></DP></CTRL></EVALUATE>
<REMEDIATION/>
</TECHNOLOGY>
</TECHNOLOGIES>
</CONTROL>
</CONTROLS>
</SECTION>
</SECTIONS>
</POLICY>
</RESPONSE>
</POLICY_EXPORT_OUTPUT>
Policy Import API
Sample - Policy ImportSample - Policy Import
API Request
curl -k -s -S -H 'X-Requested-With:curl demo2' -u "username:Password#" -H Content-type:text/xml --data-binary "@/home/mprasad/Policy_export_V3sample.xml" "https://<qualys_base_url>/api/3.0/fo/compliance/policy/?action=import&title=V3sample"
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/3.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2025-06-27T12:04:53Z</DATETIME>
<TEXT>Successfully imported compliance policy</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>5757988</VALUE>
</ITEM>
<ITEM>
<KEY>TITLE</KEY>
<VALUE>V3sample</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
Policies API: Display Control Status for a Control
With this release, we have introduced a new tag - IS_ACTIVE in the API response to display the status of the control for the Windows and Linux technologies. This tag is added to the following APIs:
- List Controls API (/api/4.0/fo/compliance/control/)
- Policy Export and Import API (/api/4.0/fo/compliance/policy/)
Previously, users would create multiple policies containing User-Defined Controls (UDCs) for Windows or Linux. However, there was no indication if these controls were active or inactive. With the new tag, you can identify if the control is active or inactive for Windows and Linux technologies.
List Controls API
| New or Updated API | Updated |
| API Endpoint (deprecation Timeline - December 2025) | /api/3.0/fo/compliance/control/ |
| API Endpoint (New Version) |
/api/4.0/fo/compliance/control/ |
| Method | GET and POST |
| DTD or XSD changes | Yes |
Sample - List ControlsSample - List Controls
API Request
curl -k -s -S -H 'X-Requested-With:curl demo2' -u "quaylys_username:Password@" -d "action=list&details=All&ids=100019" "https://<qualys_base_url>/api/4.0/fo/compliance/control/"
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE CONTROL_LIST_OUTPUT SYSTEM "https://
<qualys_base_url>/api/4.0/fo/compliance/control/control_list_output.dtd">
<CONTROL_LIST_OUTPUT>
<RESPONSE>
<DATETIME>2025-06-02T05:12:46Z</DATETIME>
<CONTROL_LIST>
<CONTROL>
<ID>100019</ID>
<UPDATE_DATE>2025-05-05T09:36:52Z</UPDATE_DATE>
<CREATED_DATE>2025-05-05T09:14:23Z</CREATED_DATE>
<CATEGORY>Access Control Requirements</CATEGORY>
<SUB_CATEGORY>
<![CDATA[Authentication/Passwords]]>
</SUB_CATEGORY>
<STATEMENT>
<![CDATA[File Content Check-Manager]]>
</STATEMENT>
<CRITICALITY>
<LABEL>
<![CDATA[URGENT]]>
</LABEL>
<VALUE>5</VALUE>
</CRITICALITY>
<CHECK_TYPE>
<![CDATA[Unix File Content Check]]>
</CHECK_TYPE>
<COMMENT>
<![CDATA[]]>
</COMMENT>
<IS_ACTIVE>0</IS_ACTIVE>
<IGNORE_ERROR>0</IGNORE_ERROR>
<IGNORE_ITEM_NOT_FOUND>0</IGNORE_ITEM_NOT_FOUND>
<SCAN_PARAMETERS>
<FILE_PATH>
<![CDATA[c:/windows/notepad.exe]]>
</FILE_PATH>
<FILE_QUERY>
<![CDATA[.*]]>
</FILE_QUERY>
<DATA_TYPE>Line List</DATA_TYPE>
<EVALUATE_AS_STRING>0</EVALUATE_AS_STRING>
<DESCRIPTION>
<![CDATA[Test description]]>
</DESCRIPTION>
</SCAN_PARAMETERS>
<TECHNOLOGY_LIST>
<TECHNOLOGY>
<ID>4</ID>
<NAME>Solaris 9.x</NAME>
<RATIONALE>
<![CDATA[Error]]>
</RATIONALE>
<DATAPOINT>
<CARDINALITY>match any</CARDINALITY>
<OPERATOR>re</OPERATOR>
<DEFAULT_VALUES total="1">
<DEFAULT_VALUE>
<![CDATA[0]]>
</DEFAULT_VALUE>
</DEFAULT_VALUES>
</DATAPOINT>
</TECHNOLOGY>
<TECHNOLOGY>
<ID>10</ID>
<NAME>Solaris 10.x</NAME>
<RATIONALE>
<![CDATA[Error]]>
</RATIONALE>
<DATAPOINT>
<CARDINALITY>match any</CARDINALITY>
<OPERATOR>re</OPERATOR>
<DEFAULT_VALUES total="1">
<DEFAULT_VALUE>
<![CDATA[0]]>
</DEFAULT_VALUE>
</DEFAULT_VALUES>
</DATAPOINT>
</TECHNOLOGY>
</TECHNOLOGY_LIST>
</CONTROL>
</CONTROL_LIST>
</RESPONSE>
</CONTROL_LIST_OUTPUT>
DTD UpdateDTD Update
A DTD for the List Controls API has been added.
<platform API server>api/4.0/fo/compliance/control/control_list_output.dtd
DTD output for the List Controls API is as follows:
DTD Output
<! QUALYS CONTROL_LIST_OUTPUT DTD > <!ELEMENT CONTROL_LIST_OUTPUT (REQUEST?,RESPONSE)> <!ELEMENT REQUEST (DATETIME, USER_LOGIN, RESOURCE, PARAM_LIST?, POST_DATA?)> <!ELEMENT DATETIME (#PCDATA)> <!ELEMENT USER_LOGIN (#PCDATA)> <!ELEMENT RESOURCE (#PCDATA)> <!ELEMENT PARAM_LIST (PARAM+)> <!ELEMENT PARAM (KEY, VALUE)> <!ELEMENT KEY (#PCDATA)> <!ELEMENT VALUE (#PCDATA)> <! if returned, POST_DATA will be urlencoded > <!ELEMENT POST_DATA (#PCDATA)> <!ELEMENT RESPONSE (DATETIME, (CONTROL_LIST|ID_SET)?, WARNING?)> <!ELEMENT CONTROL_LIST (CONTROL+)> <!ELEMENT CONTROL (ID, UPDATE_DATE, CREATED_DATE, CATEGORY, SUB_CATEGORY, STATEMENT, CRITICALITY?, DEPRECATED?, DEPRECATED_DATE?, CHECK_TYPE?, COMMENT?, USE_AGENT_ONLY?, AUTO_UPDATE?, IGNORE_ERROR?, (IGNORE_ITEM_NOT_FOUND|ERROR_SET_STATUS)?, SCAN_PARAMETERS?, TECHNOLOGY_LIST, FRAMEWORK_LIST?, IS_ACTIVE?)> <!ELEMENT ID (#PCDATA)> <!ELEMENT UPDATE_DATE (#PCDATA)> <!ELEMENT CREATED_DATE (#PCDATA)> <!ELEMENT CATEGORY (#PCDATA)> <!ELEMENT SUB_CATEGORY (#PCDATA)> <!ELEMENT STATEMENT (#PCDATA)> <!ELEMENT CRITICALITY (LABEL, VALUE)> <!ELEMENT LABEL (#PCDATA)> <!ELEMENT DEPRECATED (#PCDATA)> <!ELEMENT DEPRECATED_DATE (#PCDATA)> <!ELEMENT CHECK_TYPE (#PCDATA)> <!ELEMENT COMMENT (#PCDATA)> <!ELEMENT USE_AGENT_ONLY (#PCDATA)> <!ELEMENT IS_ACTIVE (#PCDATA)> <!ELEMENT AUTO_UPDATE (#PCDATA)> <!ELEMENT IGNORE_ERROR (#PCDATA)> <!ELEMENT IGNORE_ITEM_NOT_FOUND (#PCDATA)> <!ELEMENT ERROR_SET_STATUS (#PCDATA)> <!ELEMENT SCAN_PARAMETERS (PATH_TYPE?, REG_HIVE?, REG_KEY?, REG_VALUE_NAME?, FILE_PATH?, FILE_QUERY?, HASH_TYPE?, WMI_NS?, WMI_QUERY?, SHARE_USER?, PATH_USER?, GROUP_NAME?, GROUP_NAME_LIMIT?,BASE_DIR?, SHOULD_DESCEND?, DEPTH_LIMIT?, INTEGRITY_CHECK_DEPTH_LIMIT?, FOLLOW_SYMLINK?, FILE_NAME_MATCH?, FILE_NAME_SKIP?, DIR_NAME_MATCH?, DIR_NAME_SKIP?, WIN_FILE_SYS_OBJECT_TYPES?,MATCH_WELL_KNOWN_USERS_FOR_ANY_DOMAIN?, WIN_PERMISSION_USERS?, WIN_PERMISSION_MATCH?, WIN_PERMISSIONS?, PERMISSIONS?, PERM_COND?, TYPE_MATCH?, USER_OWNER?,GROUP_OWNER?, SCRIPT_ID?, SCRIPT_NAME?, OUTPUT_FILTER?, TIME_LIMIT?, MATCH_LIMIT?, INTEGRITY_CHECK_TIME_LIMIT?, FILE_CONTENT_CHECK_V2_TIME_LIMIT?, FILE_CONTENT_CHECK_V2_MATCH_LIMIT?, INTEGRITY_CHECK_MATCH_LIMIT?, INTEGRITY_CHECK_OBJECT_TYPES?, DISABLE_CASE_SENSITIVE_SEARCH?,EXCLUDE_USER_OWNER?, EXCLUDE_GROUP_OWNER?, DIGEST_HASH?, PERMISSION_MONITOR?, DATA_TYPE, EVALUATE_AS_STRING?, DESCRIPTION)> <!ELEMENT PATH_TYPE (#PCDATA)> <!ELEMENT REG_HIVE (#PCDATA)> <!ELEMENT REG_KEY (#PCDATA)> <!ELEMENT REG_VALUE_NAME (#PCDATA)> <!ELEMENT FILE_PATH (#PCDATA)> <!ELEMENT FILE_QUERY (#PCDATA)> <!ELEMENT HASH_TYPE (#PCDATA)> <!ELEMENT WMI_NS (#PCDATA)> <!ELEMENT WMI_QUERY (#PCDATA)> <!ELEMENT SHARE_USER (#PCDATA)> <!ELEMENT PATH_USER (#PCDATA)> <!ELEMENT GROUP_NAME (#PCDATA)> <!ELEMENT GROUP_NAME_LIMIT (#PCDATA)> <!ELEMENT BASE_DIR (#PCDATA)> <!ELEMENT DEPTH_LIMIT (#PCDATA)> <!ELEMENT INTEGRITY_CHECK_DEPTH_LIMIT (#PCDATA)> <!ELEMENT FILE_NAME_MATCH (#PCDATA)> <!ELEMENT FILE_NAME_SKIP (#PCDATA)> <!ELEMENT DIR_NAME_MATCH (#PCDATA)> <!ELEMENT DIR_NAME_SKIP (#PCDATA)> <!ELEMENT TIME_LIMIT (#PCDATA)> <!ELEMENT MATCH_LIMIT (#PCDATA)> <!ELEMENT WIN_FILE_SYS_OBJECT_TYPES (#PCDATA)> <!ELEMENT MATCH_WELL_KNOWN_USERS_FOR_ANY_DOMAIN (#PCDATA)> <!ELEMENT WIN_PERMISSION_USERS (#PCDATA)> <!ELEMENT WIN_PERMISSION_MATCH (#PCDATA)> <!ELEMENT SHOULD_DESCEND (#PCDATA)> <!ELEMENT FOLLOW_SYMLINK (#PCDATA)> <!ELEMENT PERMISSIONS (SPECIAL, USER, GROUP, OTHER)> <!ELEMENT PERM_COND (#PCDATA)> <!ELEMENT TYPE_MATCH (#PCDATA)> <!ELEMENT USER_OWNER (#PCDATA)> <!ELEMENT GROUP_OWNER (#PCDATA)> <!ELEMENT DB_QUERY (#PCDATA)> <!ELEMENT SCRIPT_ID (#PCDATA)> <!ELEMENT SCRIPT_NAME (#PCDATA)> <!ELEMENT OUTPUT_FILTER (#PCDATA)> <!ELEMENT WIN_PERMISSIONS (WIN_BASIC_PERMISSIONS?, WIN_ADVANCED_PERMISSIONS?)> <!ELEMENT WIN_BASIC_PERMISSIONS (WIN_BASIC_PERMISSION_TYPE+)> <!ELEMENT WIN_ADVANCED_PERMISSIONS (WIN_ADVANCED_PERMISSION_TYPE+)> <!ELEMENT WIN_BASIC_PERMISSION_TYPE (#PCDATA)> <!ELEMENT WIN_ADVANCED_PERMISSION_TYPE (#PCDATA)> <!ELEMENT SPECIAL (USER, GROUP, DELETION)> <!ELEMENT USER (#PCDATA|READ|WRITE|EXECUTE)*> <!ELEMENT GROUP (#PCDATA|READ|WRITE|EXECUTE)*> <!ELEMENT OTHER (READ, WRITE, EXECUTE)> <!ELEMENT DELETION (#PCDATA)> <!ELEMENT READ (#PCDATA)> <!ELEMENT WRITE (#PCDATA)> <!ELEMENT EXECUTE (#PCDATA)> <!ELEMENT INTEGRITY_CHECK_TIME_LIMIT (#PCDATA)> <!ELEMENT FILE_CONTENT_CHECK_V2_TIME_LIMIT (#PCDATA)> <!ELEMENT FILE_CONTENT_CHECK_V2_MATCH_LIMIT (#PCDATA)> <!ELEMENT INTEGRITY_CHECK_MATCH_LIMIT (#PCDATA)> <!ELEMENT INTEGRITY_CHECK_OBJECT_TYPES (#PCDATA)> <!ELEMENT DIGEST_HASH (#PCDATA)> <!ELEMENT PERMISSION_MONITOR (#PCDATA)> <!ELEMENT DISABLE_CASE_SENSITIVE_SEARCH (#PCDATA)> <!ELEMENT EXCLUDE_USER_OWNER (#PCDATA)> <!ELEMENT EXCLUDE_GROUP_OWNER (#PCDATA)> <!ELEMENT DATA_TYPE (#PCDATA)> <!ELEMENT EVALUATE_AS_STRING (#PCDATA)> <!ELEMENT DESCRIPTION (#PCDATA)> <!ELEMENT TECHNOLOGY_LIST (TECHNOLOGY+)> <!ELEMENT TECHNOLOGY (ID, NAME, RATIONALE, DATAPOINT+, USE_SCAN_VALUE?, DB_QUERY?, DESCRIPTION?)> <!ELEMENT NAME (#PCDATA)> <!ELEMENT RATIONALE (#PCDATA)> <!ELEMENT DATAPOINT (CARDINALITY, OPERATOR, DEFAULT_VALUES)> <!ELEMENT USE_SCAN_VALUE (#PCDATA)> <!ELEMENT CARDINALITY (#PCDATA)> <!ELEMENT OPERATOR (#PCDATA)> <!ELEMENT DEFAULT_VALUES (DEFAULT_VALUE+)> <!ATTLIST DEFAULT_VALUES total CDATA "0"> <!ELEMENT DEFAULT_VALUE (#PCDATA)> <!ELEMENT FRAMEWORK_LIST (FRAMEWORK+)> <!ELEMENT FRAMEWORK (ID, NAME, REFERENCE_LIST)> <!ELEMENT REFERENCE_LIST (REFERENCE+)> <!ELEMENT REFERENCE (SECTION, COMMENTS)> <!ELEMENT SECTION (#PCDATA)> <!ELEMENT COMMENTS (#PCDATA)> <!ELEMENT ID_SET (ID|ID_RANGE)+> <!ELEMENT ID_RANGE (#PCDATA)> <!ELEMENT WARNING (CODE?, TEXT, URL?)> <!ELEMENT CODE (#PCDATA)> <!ELEMENT TEXT (#PCDATA)> <!ELEMENT URL (#PCDATA)>
Policies API - Export and Import
| New or Updated API | Updated |
| API Endpoint (deprecation Timeline - December 2025) | /api/3.0/fo/compliance/policy/ |
| API Endpoint (New Version) |
/api/4.0/fo/compliance/policy/ |
| Method | GET and POST |
| DTD or XSD changes | Yes |
Policy Export API
Sample - Policy ExportSample - Policy Export
API Request
curl -k -s -S -H 'X-Requested-With:curl demo2' -u "quaylys_username:Password@" -d "action=export&id=5744989&show_user_controls=1" "https://<qualys_base_url>/api/4.0/fo/compliance/policy/"> Policy_export_id_1.xml
Response
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE POLICY_EXPORT_OUTPUT SYSTEM "https://<qualys_base_url>/api/4.0/fo/compliance/policy/policy_export_output.dtd"> <POLICY_EXPORT_OUTPUT> <RESPONSE> <DATETIME>2025-06-25T15:29:46Z</DATETIME> <POLICY> <TITLE> <![CDATA[One UDC]]> </TITLE> <EXPORTED> <![CDATA[2025-06-25T15:29:46Z]]> </EXPORTED> <COVER_PAGE> <![CDATA[]]> </COVER_PAGE> <STATUS> <![CDATA[active]]> </STATUS> <TECHNOLOGIES total="1"> <TECHNOLOGY> <ID>80</ID> <NAME>CentOS 7.x</NAME> </TECHNOLOGY> </TECHNOLOGIES> <SECTIONS total="1"> <SECTION> <NUMBER>1</NUMBER> <HEADING> <![CDATA[UDC]]> </HEADING> <CONTROLS total="1"> <USER_DEFINED_CONTROL> <ID>100000</ID> <UDC_ID>3e8fada3-8bc3-f557-8115-c567323d327a</UDC_ID> <CHECK_TYPE>Unix File/Directory Existence</CHECK_TYPE> <IS_CONTROL_DISABLE> <![CDATA[0]]> </IS_CONTROL_DISABLE> <CATEGORY> <ID>2</ID> <NAME> <![CDATA[Web Application Services]]> </NAME> </CATEGORY> <SUB_CATEGORY> <ID>1028</ID> <NAME> <![CDATA[Web Server/Tier Settings]]> </NAME> </SUB_CATEGORY> <STATEMENT> <![CDATA[CitiJSONUDC2]]> </STATEMENT> <CRITICALITY> <LABEL> <![CDATA[URGENT]]> </LABEL> <VALUE>5</VALUE> </CRITICALITY> <COMMENT> <![CDATA[]]> </COMMENT> <USE_AGENT_ONLY>0</USE_AGENT_ONLY> <AUTO_UPDATE>0</AUTO_UPDATE> <IGNORE_ERROR>0</IGNORE_ERROR> <IGNORE_ITEM_NOT_FOUND>0</IGNORE_ITEM_NOT_FOUND> <SCAN_PARAMETERS> <FILE_PATH> <![CDATA[/etc/profile]]> </FILE_PATH> <DATA_TYPE>Boolean</DATA_TYPE> <DESCRIPTION> <![CDATA[NA]]> </DESCRIPTION> </SCAN_PARAMETERS> <TECHNOLOGIES total="1"> <TECHNOLOGY> <ID>80</ID> <NAME>CentOS 7.x</NAME> <EVALUATE> <CTRL> <DP> <K>custom.file_dir_exist.4211083</K> <L>2</L> <V>true</V> </DP> </CTRL> </EVALUATE> <RATIONALE> <![CDATA[RA]]> </RATIONALE> <REMEDIATION> <![CDATA[]]> </REMEDIATION> <DATAPOINT> <CARDINALITY>no cd</CARDINALITY> <OPERATOR>no op</OPERATOR> <DEFAULT_VALUES total="1"> <DEFAULT_VALUE>true</DEFAULT_VALUE> </DEFAULT_VALUES> </DATAPOINT> </TECHNOLOGY> </TECHNOLOGIES> <REFERENCE_LIST/> <IS_ACTIVE>1</IS_ACTIVE> </USER_DEFINED_CONTROL> </CONTROLS> </SECTION> </SECTIONS> </POLICY> </RESPONSE> </POLICY_EXPORT_OUTPUT>
DTD UpdateDTD Update
A DTD for the Policy Export API has been added.
<platform API server>api/4.0/fo/compliance/policy/policy_export_output.dtd
DTD output for the Policy Export API is as follows:
DTD Output
<! QUALYS POLICY_EXPORT_OUTPUT DTD >
<!ELEMENT POLICY_EXPORT_OUTPUT (REQUEST?, RESPONSE)>
<!ELEMENT REQUEST (DATETIME, USER_LOGIN, RESOURCE, PARAM_LIST?, POST_DATA?)>
<!ELEMENT DATETIME (#PCDATA)>
<!ELEMENT USER_LOGIN (#PCDATA)>
<!ELEMENT RESOURCE (#PCDATA)>
<!ELEMENT PARAM_LIST (PARAM+)>
<!ELEMENT PARAM (KEY, VALUE)>
<!ELEMENT KEY (#PCDATA)>
<!ELEMENT VALUE (#PCDATA)>
<! if returned, POST_DATA will be urlencoded >
<!ELEMENT POST_DATA (#PCDATA)>
<!ELEMENT RESPONSE (DATETIME, POLICY)>
<!ELEMENT POLICY (TITLE, DESCRIPTION?, LOCKED?, EXPORTED, COVER_PAGE?, STATUS?, TECHNOLOGIES, SECTIONS, APPENDIX?)>
<!ELEMENT TITLE (#PCDATA)>
<!ELEMENT DESCRIPTION (#PCDATA)>
<!ELEMENT LOCKED (#PCDATA)>
<!ELEMENT EXPORTED (#PCDATA)>
<!ELEMENT COVER_PAGE (#PCDATA)>
<!ELEMENT SECTIONS (SECTION*)>
<!ATTLIST SECTIONS total CDATA #IMPLIED>
<!ELEMENT SECTION (NUMBER, HEADING, CONTROLS)>
<!ELEMENT NUMBER (#PCDATA)>
<!ELEMENT HEADING (#PCDATA)>
<!ELEMENT CONTROLS ((CONTROL|USER_DEFINED_CONTROL)*)>
<!ATTLIST CONTROLS total CDATA #IMPLIED>
<!ELEMENT CONTROL (ID, CRITICALITY?, REFERENCE_TEXT?, IS_CONTROL_DISABLE?,TECHNOLOGIES)>
<!ELEMENT ID (#PCDATA)>
<!ELEMENT STATUS (#PCDATA)>
<!ELEMENT CRITICALITY (LABEL, VALUE)>
<!ELEMENT IS_CONTROL_DISABLE (#PCDATA)>
<!ELEMENT REFERENCE_TEXT (#PCDATA)>
<!ELEMENT LABEL (#PCDATA)>
<!ELEMENT TECHNOLOGIES (TECHNOLOGY*)>
<!ATTLIST TECHNOLOGIES total CDATA #IMPLIED>
<!ELEMENT TECHNOLOGY (ID, NAME?, EVALUATE?, RATIONALE?, REMEDIATION?, DATAPOINT?, USE_SCAN_VALUE?, DB_QUERY?, DESCRIPTION?)>
<!ELEMENT NAME (#PCDATA)>
<!ELEMENT EVALUATE (CTRL*)>
<!ELEMENT RATIONALE (#PCDATA)>
<!ELEMENT REMEDIATION (#PCDATA)>
<!ELEMENT CTRL (AND|OR|NOT|DP)+>
<!ELEMENT AND (AND|OR|NOT|DP)+>
<!ELEMENT OR (AND|OR|NOT|DP)+>
<!ELEMENT NOT (AND|OR|NOT|DP)+>
<!ELEMENT DP (K|OP|CD|L|V|FV|DBCOL|DT)+>
<!ELEMENT K (#PCDATA)>
<!ELEMENT OP (#PCDATA)>
<!ELEMENT CD (#PCDATA)>
<!ELEMENT L (#PCDATA)>
<!ELEMENT V (#PCDATA)>
<!ELEMENT FV (#PCDATA)>
<!ATTLIST FV set CDATA #IMPLIED>
<!ELEMENT DBCOL (#PCDATA)>
<!ELEMENT DT (#PCDATA)>
<!ELEMENT DATAPOINT (CARDINALITY?, OPERATOR?, DEFAULT_VALUES?)>
<!ELEMENT CARDINALITY (#PCDATA)>
<!ELEMENT OPERATOR (#PCDATA)>
<!ELEMENT DEFAULT_VALUES (DEFAULT_VALUE*)>
<!ATTLIST DEFAULT_VALUES total CDATA #IMPLIED>
<!ELEMENT DEFAULT_VALUE (#PCDATA)>
<!ELEMENT USE_SCAN_VALUE (#PCDATA)>
<!ELEMENT USER_DEFINED_CONTROL (ID, UDC_ID, CHECK_TYPE, IS_CONTROL_DISABLE?, CATEGORY, SUB_CATEGORY, STATEMENT, CRITICALITY?, COMMENT?, USE_AGENT_ONLY?, AUTO_UPDATE?, IGNORE_ERROR, (IGNORE_ITEM_NOT_FOUND|ERROR_SET_STATUS)?, SCAN_PARAMETERS?, REFERENCE_TEXT?, TECHNOLOGIES, REFERENCE_LIST, IS_ACTIVE?)>
<!ELEMENT UDC_ID (#PCDATA)>
<!ELEMENT CHECK_TYPE (#PCDATA)>
<!ELEMENT CATEGORY (ID, NAME)>
<!ELEMENT SUB_CATEGORY (ID, NAME)>
<!ELEMENT STATEMENT (#PCDATA)>
<!ELEMENT COMMENT (#PCDATA)>
<!ELEMENT USE_AGENT_ONLY (#PCDATA)>
<!ELEMENT AUTO_UPDATE (#PCDATA)>
<!ELEMENT IGNORE_ERROR (#PCDATA)>
<!ELEMENT IGNORE_ITEM_NOT_FOUND (#PCDATA)>
<!ELEMENT REFERENCE_LIST (REFERENCE*)>
<!ELEMENT REFERENCE (REF_DESCRIPTION?, URL?)>
<!ELEMENT REF_DESCRIPTION (#PCDATA)>
<!ELEMENT URL (#PCDATA)>
<!ELEMENT ERROR_SET_STATUS (#PCDATA)>
<!ELEMENT IS_ACTIVE (#PCDATA)>
<!ELEMENT SCAN_PARAMETERS (PATH_TYPE?, REG_HIVE?, REG_KEY?, REG_VALUE_NAME?, FILE_PATH?, FILE_QUERY?, HASH_TYPE?, WMI_NS?, WMI_QUERY?, SHARE_USER?,
PATH_USER?, BASE_DIR?, SHOULD_DESCEND?, DEPTH_LIMIT?, INTEGRITY_CHECK_DEPTH_LIMIT?, FOLLOW_SYMLINK?, FILE_NAME_MATCH?, FILE_NAME_SKIP?, DIR_NAME_MATCH?,
DIR_NAME_SKIP?, PERMISSIONS?, PERM_COND?, TYPE_MATCH?, USER_OWNER?, GROUP_OWNER?, TIME_LIMIT?, MATCH_LIMIT?, INTEGRITY_CHECK_TIME_LIMIT?, FILE_CONTENT_CHECK_V2_TIME_LIMIT?, FILE_CONTENT_CHECK_V2_MATCH_LIMIT?,
INTEGRITY_CHECK_MATCH_LIMIT?, DISABLE_CASE_SENSITIVE_SEARCH?,EXCLUDE_USER_OWNER?, EXCLUDE_GROUP_OWNER?, INTEGRITY_CHECK_OBJECT_TYPES?, WIN_FILE_SYS_OBJECT_TYPES?,
MATCH_WELL_KNOWN_USERS_FOR_ANY_DOMAIN?, WIN_PERMISSION_USERS?, WIN_PERMISSION_MATCH?, WIN_PERMISSIONS?, GROUP_NAME?,
SCRIPT_ID?, SCRIPT_NAME?, OUTPUT_FILTER?,
GROUP_NAME_LIMIT?, DIGEST_HASH?, PERMISSION_MONITOR?, DATA_TYPE, EVALUATE_AS_STRING?, DESCRIPTION)>
<!ELEMENT PATH_TYPE (#PCDATA)>
<!ELEMENT REG_HIVE (#PCDATA)>
<!ELEMENT REG_KEY (#PCDATA)>
<!ELEMENT REG_VALUE_NAME (#PCDATA)>
<!ELEMENT FILE_PATH (#PCDATA)>
<!ELEMENT FILE_QUERY (#PCDATA)>
<!ELEMENT HASH_TYPE (#PCDATA)>
<!ELEMENT WMI_NS (#PCDATA)>
<!ELEMENT WMI_QUERY (#PCDATA)>
<!ELEMENT SHARE_USER (#PCDATA)>
<!ELEMENT PATH_USER (#PCDATA)>
<!ELEMENT BASE_DIR (#PCDATA)>
<!ELEMENT SHOULD_DESCEND (#PCDATA)>
<!ELEMENT DEPTH_LIMIT (#PCDATA)>
<!ELEMENT INTEGRITY_CHECK_DEPTH_LIMIT (#PCDATA)>
<!ELEMENT FOLLOW_SYMLINK (#PCDATA)>
<!ELEMENT FILE_NAME_MATCH (#PCDATA)>
<!ELEMENT FILE_NAME_SKIP (#PCDATA)>
<!ELEMENT DIR_NAME_MATCH (#PCDATA)>
<!ELEMENT DIR_NAME_SKIP (#PCDATA)>
<!ELEMENT PERM_COND (#PCDATA)>
<!ELEMENT TYPE_MATCH (#PCDATA)>
<!ELEMENT USER_OWNER (#PCDATA)>
<!ELEMENT GROUP_OWNER (#PCDATA)>
<!ELEMENT TIME_LIMIT (#PCDATA)>
<!ELEMENT MATCH_LIMIT (#PCDATA)>
<!ELEMENT DISABLE_CASE_SENSITIVE_SEARCH (#PCDATA)>
<!ELEMENT EXCLUDE_USER_OWNER (#PCDATA)>
<!ELEMENT EXCLUDE_GROUP_OWNER (#PCDATA)>
<!ELEMENT INTEGRITY_CHECK_TIME_LIMIT (#PCDATA)>
<!ELEMENT FILE_CONTENT_CHECK_V2_TIME_LIMIT (#PCDATA)>
<!ELEMENT FILE_CONTENT_CHECK_V2_MATCH_LIMIT (#PCDATA)>
<!ELEMENT INTEGRITY_CHECK_MATCH_LIMIT (#PCDATA)>
<!ELEMENT INTEGRITY_CHECK_OBJECT_TYPES (#PCDATA)>
<!ELEMENT DIGEST_HASH (#PCDATA)>
<!ELEMENT PERMISSION_MONITOR (#PCDATA)>
<!ELEMENT WIN_PERMISSION_MATCH (#PCDATA)>
<!ELEMENT MATCH_WELL_KNOWN_USERS_FOR_ANY_DOMAIN (#PCDATA)>
<!ELEMENT WIN_PERMISSION_USERS (#PCDATA)>
<!ELEMENT GROUP_NAME (#PCDATA)>
<!ELEMENT GROUP_NAME_LIMIT (#PCDATA)>
<!ELEMENT DATA_TYPE (#PCDATA)>
<!ELEMENT DB_QUERY (#PCDATA)>
<!ELEMENT SCRIPT_ID (#PCDATA)>
<!ELEMENT SCRIPT_NAME (#PCDATA)>
<!ELEMENT OUTPUT_FILTER (#PCDATA)>
<!ELEMENT PERMISSIONS (SPECIAL, USER, GROUP, OTHER)>
<!ELEMENT SPECIAL (SPECIAL_USER, SPECIAL_GROUP, SPECIAL_DELETION)>
<!ELEMENT SPECIAL_USER (#PCDATA)>
<!ELEMENT SPECIAL_GROUP (#PCDATA)>
<!ELEMENT SPECIAL_DELETION (#PCDATA)>
<!ELEMENT USER (READ, WRITE, EXECUTE)>
<!ELEMENT GROUP (READ, WRITE, EXECUTE)>
<!ELEMENT OTHER (READ, WRITE, EXECUTE)>
<!ELEMENT READ (#PCDATA)>
<!ELEMENT WRITE (#PCDATA)>
<!ELEMENT EXECUTE (#PCDATA)>
<!ELEMENT WIN_PERMISSIONS (WIN_BASIC_PERMISSIONS?, WIN_ADVANCED_PERMISSIONS?)>
<!ELEMENT WIN_BASIC_PERMISSIONS (WIN_BASIC_PERMISSION_TYPE+)>
<!ELEMENT WIN_BASIC_PERMISSION_TYPE (#PCDATA)>
<!ELEMENT WIN_ADVANCED_PERMISSIONS (WIN_ADVANCED_PERMISSION_TYPE+)>
<!ELEMENT WIN_ADVANCED_PERMISSION_TYPE (#PCDATA)>
<!ELEMENT WIN_FILE_SYS_OBJECT_TYPES (#PCDATA)>
<!ELEMENT EVALUATE_AS_STRING (#PCDATA)>
<!ELEMENT APPENDIX (OP_ACRONYMS, DATA_POINT_ACRONYMS+)>
<!ELEMENT OP_ACRONYMS (OP+)>
<!ATTLIST OP id CDATA #IMPLIED>
<!ELEMENT DATA_POINT_ACRONYMS (DP+)>
<!ATTLIST K id CDATA #IMPLIED>
<!ATTLIST FV id CDATA #IMPLIED>
Policy Import API
Sample - Policy ImportSample - Policy Import
API Request
curl -k -s -S -H 'X-Requested-With:curl demo2' -u "quaylys_username:Password@" -H Content-type:text/xml --data-binary "<file_directory_path>/compliance/policy_import_api.xml" "https://<qualys_base_url>/api/4.0/fo/compliance/policy/?action=import&title=UDC_inactive_create_v4&create_user_controls=1"
API Response
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/4.0/simple_return.dtd"> <SIMPLE_RETURN> <RESPONSE> <DATETIME>2025-06-02T13:23:31Z</DATETIME> <TEXT>Successfully imported compliance policy</TEXT> <ITEM_LIST> <ITEM> <KEY>ID</KEY> <VALUE>1464127</VALUE> </ITEM> <ITEM> <KEY>TITLE</KEY> <VALUE>UDC_inactive_create_v4</VALUE> </ITEM> </ITEM_LIST> </RESPONSE> </SIMPLE_RETURN>