Release 10.32 API
January 10, 2025
Before understanding the API release highlights, learn more about the API server URL to be used in your API requests by referring to the Know Your Qualys API Server URL section. For this API Release Notes, <qualys_base_url> is mentioned in the sample API requests.
We have implemented versioning for APIs. For more information on API versioning, refer to the Introducing API Versioning: A Strategic Upgrade for Enhanced Stability and Control for API Integrations blog.
What’s New?
OpenID Connect API Authentication Support
With this release, we have upgraded our API security by incorporating OpenID Connect for Qualys API authentication and authorization. When OpenID Connect API authentication is implemented, IdP is used for user authentication and JWT token generation for the Qualys API access.
Once you enable OpenID connect authentication, you can use either basic authentication or JWT token authentication while executing the Qualys APIs.
Key Highlights
- Seamless integration of OpenID Connect to enhance API authentication and authorization measures.
- Compatibility with current identity providers and authentication to facilitate a seamless integration experience.
- This authentication is supported by all Qualys APIs, /api/2.0/ and onward versions.
- Eliminates the need for users to provide a username and password. This streamlines Qualys API access by allowing users to use JWT tokens, bypassing the hassle associated with usernames and passwords.
- This feature is not available by default. Contact Qualys support to enable it for your subscription. There is an onboarding process that needs to be followed. Refer to the Onboarding Process.
- This feature requires IdP.
- Enhanced API security
OpenID Connect (OIDC) uses tokens to establish a user's identity and grant access. - Standardized access control
OpenID Connect (OIDC) provides a standardized way to manage user identities and access control. - Centralized Authentication
By enabling IDP-initiated SSO, users can authenticate once through your organization’s Identity Provider (IDP) and gain access to all the necessary APIs without needing to log in again. This simplifies the user experience and reduces password fatigue, making access faster and more secure. - Compliance and Security
Helps to meet compliance requirements by ensuring that user authentication processes adhere to established security protocols like SAML and OIDC.
In order to enable OpenID Connect API authentication support, technical information needs to be provided as listed below
- IdP Name
The name of the Identity Provider (IdP) being configured. This can be a custom name or provided by the customer. Example: "TestNameforIDP Qualys Internal" - Entity ID
The unique identifier for the customer’s IdP. Typically, this is a URN or URL that serves as the IdP’s primary identifier during OIDC communications. Example: "https://example.com/idp" - Single Sign-On (SSO) URL
The URL where authentication requests will be sent. This is the endpoint where users are redirected to authenticate with the customer’s IdP. Example: "https://example.com/login" - Single Logout (SLO) URL (if applicable)
The URL for handling logout requests. If you support Single Logout, this endpoint will manage the termination of sessions both at the IdP and within Qualys. Example: "https://example.com/logout" - SSO Exit URL (optional)
The URL where users will be redirected after successful authentication. - Certificates
Public signing certificates for verifying the authenticity of SAML responses. Up to 3 certificates can be provided. The certificate must be in X.509 format (usually in .pem or .cer files).
Onboarding ProcessOnboarding Process
To start using OpenID Connect API authentication, the following onboarding process must be completed:
- Contact Qualys Support to request OpenID Connect API authentication activation for your subscription.
- Qualys Support requests the necessary technical information to enable OIDC. See the Prerequisites for the details.
- Upon receipt of the technical information, Qualys enables OpenID Connect API authentication support.
Use OpenID Connect API Authentication
Once the onboarding process is complete and the OpenID Connect API authentication is enabled, you can begin using it. To start using it, you first need to generate the JWT token and then use that token to execute the Qualys APIs.
Sample- Execute API Using JWT TokenSample- Execute API Using JWT Token
API Request
curl --location --request POST 'https:// <qualys_base_url>/api/2.0/fo/asset/ip/?action=add&enable_vm=1&ips=10.10.10.10&echo_request=1' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer <JWT token value>'\
--header 'X-Requested-With: curl Autodemo' \
--header 'Accept: */*' \
--header 'Content-Length: 0'
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https:// <qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<REQUEST>
<DATETIME>2024-11-06T07:32:58Z</DATETIME>
<USER_LOGIN>mayur_aa</USER_LOGIN>
<RESOURCE>https:// <qualys_base_url>/api/2.0/fo/asset/ip/</RESOURCE>
<PARAM_LIST>
<PARAM>
<KEY>action</KEY>
<VALUE>add</VALUE>
</PARAM>
<PARAM>
<KEY>enable_vm</KEY>
<VALUE>1</VALUE>
</PARAM>
<PARAM>
<KEY>ips</KEY>
<VALUE>10.10.10.10</VALUE>
</PARAM>
<PARAM>
<KEY>echo_request</KEY>
<VALUE>1</VALUE>
</PARAM>
</PARAM_LIST>
</REQUEST>
<RESPONSE>
<DATETIME>2024-11-06T07:33:05Z</DATETIME>
<TEXT>IPs successfully added to Vulnerability Management</TEXT>
</RESPONSE>
</SIMPLE_RETURN>
Qualys Vulnerability Management (VM)
Azure Instance-Based Scans for Internal Assets
With this release, you can now launch and update the Azure instance- based scans for internal Assets based on location or virtual network using Azure connector using Scan API: Support for Azure Cloud Internal Scan. Once you create or update the scheduled Azure internal scan, you can view the list of scheduled scans in the Scheduled Scan API. When a scan is performed on the assets, you can view the list of launched scans in Scan API: View the list of launched Azure Scheduled Scan for internal Assets.
Scans API: Support for Azure Internal Scan
| New or Updated API | New |
| API Endpoint | /api/2.0/fo/scan/cloud/internal/job/ |
| Method | POST |
| DTD or XSD changes | No |
With this release, we have added a new API to launch and update the internal scan on Assets in Azure Cloud. You can use an Azure connector and launch Instance-based scans based on location or virtual network.
Earlier Qualys supported only perimeter scanning for Azure. Now, we are providing internal cloud scan support for Azure. Azure instance based scans for internal scan can be authenticated or unauthenticated scan. Azure internal scans supports only scheduled scans.
Only Manager, Unit Manager, and Scanner role users have permission to launch Azure internal scans.
Input Parameters - Creating and updating an Azure cloud internal scanInput Parameters - Creating and updating an Azure cloud internal scan
| Parameter Name |
Required/ Optional |
Data Type |
Description |
| action={create|update} | Required | String | Specify create to configure a new internal Azure schedule scan job. Specify update to make changes to an existing scan job. |
| scan_title={value} | Required | String | The scan title to create. |
| connector_name={value} | Required | String | The name of the connector to be used. We check if the specified connector_name exists for your Qualys subscription. If the specified connector name does not exists in your Qualys subscription, then the API request returns an error message - Invalid connector_name provided. One of these parameters must be specified in the request: conector_name or connector_uuid. These are mutually exclusive and cannot be specified in the same request. |
| connector_uuid={value} | Required | Integer | The ID of the connector to be used. We check if the specified connector_uuid exists for your Qualys subscription. If the specified connector name does not exists in your Qualys subscription, then the API request returns an error message - Invalid connector_uuid provided One of these parameters must be specified in the request: conector_name or connector_uuid. These are mutually exclusive and cannot be specified in the same request. |
| active={0|1} | required if the request action is create | Boolean | Specify 1 to create an active schedule. Specify 0 to create an inactive schedule. |
| option_title={value} | Required | String | The title of the option profile to be used.
One of these parameters must be specified in the request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request. |
| option_id={value} | Required | Integer | The ID of the option profile to be used.
One of these parameters must be specified in the request: option_title or option_id. These are mutually exclusive and cannot be specified in the same request. |
| id={value} | Required | Integer | Only applicable for Update requests. The ID of the scan schedule you want to update. |
| module={vm} | Required if the request action is create | String | Currently enabled for VM only. |
| schedule={now|recurring} | Required if the request action is create | String | Specify now to schedule the scan job for now. Specify recurring to schedule the scan job to start at a later time or on a recurring basis. See Scheduling Parameters. |
| cloud_provider={azure} | Required | String | Currently supporting Azure only. |
| cloud_service={vm} | Required | String | Currently providing only VM cloud service. |
| priority={value} | Optional | Integer | Specify a value of 0 - 9 to set a processing priority level for the scan. When not specified, a value of 0 (no priority) is used. Valid values are: 0 = No Priority (the default) 1 = Emergency 2 = Ultimate 3 = Critical 4 = Major 5 = High 6 = Standard 7 = Medium 8 = Minor 9 = Low |
| iscanner_id={value} | Required | Integer | The IDs of the scanner appliances to be used. Multiple entries are comma-separated.
iscanner_id and iscanner_name cannot be specified in the same request. |
| iscanner_name={value} | Required | String | The friendly names of the scanner appliances to be used.
iscanner_id and iscanner_name cannot be specified in the same request. |
| platform_type={location| virtual_network } | Required | String | Select the platform type as either location or Virtual Network. |
| region_code={value} | Required | String |
The Azure region code. Valid values are: ap-northeast-1, ap-southeast-1, ap-southeast-2, ap-east-1, eu-west-1, eu-north-1, asa-east-1, us-east-1, us-west-1, uswest-2, me-south-1, eu-south-1, and af-south-1 This parameter is mandatory when the platform type is set to location. |
| virtual_network_id={value} | Required | Integer |
Provide the Id of the Azure virtual network. This parameter is mandatory when the platform type is set to virtual network. |
| tag_include_selector={all|any} | Optional | String | Select any (the default) to include hosts that match at least one of the selected tags. Select all to include hosts that match all of the selected tags. |
| tag_exclude_selector={all|any} | Optional | String | Select any (the default) to exclude hosts that match at least one of the selected tags. Select all to exclude hosts that match all of the selected tags. |
| tag_set_by={id|name} | Optional | String | Specify id (the default) to select a tag set by providing tag IDs. Specify name to select a tag set by providing tag names. We will check if the tag ids or tag names are valid. |
| tag_set_include={value} | Optional | String | Specify a tag set to include. Hosts that match these tags will be included. You identify the tag set by providing tag name or IDs. Multiple entries are comma-separated. |
| tag_set_exclude={value} | Optional | String | Specify a tag set to exclude. Hosts that match these tags will be excluded. You identify the tag set by providing tag name or IDs. Multiple entries are comma separated. |
| cloud_resource_ids={remove|any VM ID} | Optional | String | Only applicable for Update request. Specific VM IDs on which scan needs to be launched (VM IDs are comma separated). Specify remove to delete the existing VM-IDs. Specify any VM ID to replace the existing VM-IDs. |
Refer to the following Scan Schedule parameters:
Input Parameters - Scan Schedule Occurrence Input Parameters - Scan Schedule Occurrence
| Parameter Name |
Required/ Optional |
Data Type |
Description |
| occurrence=daily | Required | String | Required for a daily scan. |
| frequency_days={value} | Required | Integer | Required for daily scan. The scan will run every N number of days. Value is an integer from 1 to 365. |
| occurrence=weekly | Required | String | Required for a weekly scan. |
| frequency_weeks={value} | Required | Integer | Required for a weekly scan. The scan will run every N number of weeks. Value is an integer from 1 to 52. |
| weekdays={value} | Required | String | Required for a weekly scan. The scan will run on one or more weekdays. Value is one or more days: Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday. Multiple days are comma separated. |
| occurrence=monthly | Required | String | Required for a monthly scan. |
| frequency_months={value} | Required | Integer | Required for a monthly scan. The scan will run every N number of months. Value is an integer from 1 to 12. |
| day_of_month={value} | Required | Integer | Required for a monthly scan - Nth day of the month. The scan will run on the Nth day of the month. Value is an integer from 1 to 31. |
| day_of_week={value} | Required | Integer | Required for a monthly scan - day in Nth week. The scan will run on this day of the week. Value is and integer from 0 to 6, where 0 is Sunday and 2 is Tuesday. |
| week_of_month={value} | Required | String | Required for a monthly scan - day in Nth week. The scan will run on this week of the month. Value is one of: first, second, third, fourth, last. |
Input Parameters - Scan Schedule Start Time Input Parameters - Scan Schedule Start Time
| Parameter Name |
Required/ Optional |
Data Type |
Description |
| start_date={mm/dd/yyyy} | Optional | Integer | By default the start date is the date when the schedule is created. You can define another start date in mm/dd/yyyy format. |
| start_hour={hour} | Required | Integer | The hour when a scan will start. The hour is an integer from 0 to 23, where 0 represents 12 AM, 7 represents 7 AM, and 22 represents 10 PM. |
| start_minute={minute} | Required | Integer | The minute when a scan will start. A valid value is an integer from 0 to 59. |
| time_zone_code={value} | Required | String | The time zone code for starting a scan, in upper case. For example, the time zone code for US California is US-CA. Valid codes are returned by the Time Zone Code API (/msp/time_zone_code_list.php). |
| observe_dst={yes|no} | Optional | String | Specify yes to observe Daylight Saving Time (DST). This parameter is valid when the time zone code specified in time_zone_code supports DST. |
| recurrence={value} | Optional | Integer | The number of times the scan will be run before it is deactivated. For example, if you set recurrence=2, the scan schedule will be deactivated after it runs 2 times. By default, no value is set. A valid value is an integer from 1 to 99. |
| end_after={value} | Optional | Integer | End a scan after some number of hours. A valid value is from 0 to 119. |
| end_after_mins={value} | Optional | Integer | Akllows monthly scan - Nth day of the month. The scan will run on the Nth day of the month. Value is an integer from 1 to 31. Must be specified with end_after. For example, to end the scan after 2 hours and 30 minutes, you would specify end_after=2 and end_after_mins=30. When end_after is set to 0, the minimum value for end_after_mins is 15. |
| pause_after_hours={value} | Optional | Integer | Pause a scan after some number of hours if the scan has not finished by then. A valid value is an integer from 0 to 119. |
| pause_after_mins={value} | Optional | Integer | Pause a scan after some number of minutes if the scan has not finished by then. A valid value is an integer from 0-59. Must be specified with pause_after_hours. For example, to pause the scan after 2 hours and 30 minutes, you would specify pause_after_hours=2 and pause_after_mins=30. When pause_after_hours is set to 0, the minimum value for pause_after_mins is 15. |
| resume_in_days={value} | Optional | Integer | Resume a paused scan in some number of days. A valid value is an integer from 0 to 9 or Manually. |
| resume_in_hours={value} | Optional | Integer | Resume a paused scan in some number of hours. A valid value is an integer from 0-23. Must be specified with pause_after_hours and resume_in_days. For example, to resume your scan in 5 hours, specify resume_in_days=0 and resume_in_hours=5. To resume your scan in 1 day and 12 hours, specify resume_in_days=1 and resume_in_hours=12. The value you set for pause will determine the minimum value for resume. For example, if you set the scan to pause after 1 hour then you can set it to resume in 2 or more hours. If you set the scan to pause between 1-2 hours (from 1hr, 1min to 1 hr, 59min) then you can set it to resume in 3 hours or more. |
| set_start_time={0|1} | Required | Integer | (Optional for Update only) Specify set_start_time=1 to update any of the start time parameters. Must be specified with all start time parameters together: start_date, start_hour, start_minute, time_zone_code, observe_dst |
Input Parameters - Scan Schedule NotificationsInput Parameters - Scan Schedule Notifications
| Parameter Name |
Required/ Optional |
Data Type |
Description |
| before_notify={0|1} | Optional | Integer | Specify before_notify=1 to send a notification before the scan starts. When not specified during a create request no notification is sent. When not specified during an update request we keep the previous setting. |
| before_notify_unit={value} | Optional | String | Specify the time unit for when to send the before scan notification. Possible values are: days, hours, minutes. This parameter is required when before_notify=1. Not valid when before_notify=0. |
| before_notify_time={value} | Optional | Integer | Indicates the number of days, hours, or minutes before the scan starts the notification will be sent. For days, enter a value of 1-31. For hours, enter a value of 1-24. For minutes, enter a value of 5-120. This parameter is required when before_notify=1. Not valid when before_notify=0. |
| before_notify_message= {value} | Optional | String | Specify a custom message to add to the before scan notification. The notification will always include certain details like the scan title, owner, option profile and start time. Include up to 4000 characters, no HTML tags. For update requests: - When not specified we keep the previous setting. - Specify an empty string to delete the last saved message. This parameter is only valid when before_notify=1 |
| after_notify={0|1} | Optional | Integer | Specify after_notify=1 to send a notification after the scan is finished. When not specified during a create request no notification is sent. When not specified during an update request we keep the previous setting. |
| after_notify_message= {value} | Optional | String | Specify a custom message to add to the after scan notification. When not specified during a create request, no notification message is saved. Include up to 4000 characters, no HTML tags. For update requests: - When not specified we keep the previous setting. - Specify an empty string to delete the last saved message. - If both notifications are disabled (before_notify=0 and after_notify=0) we will delete the after notify message. This parameter is only valid when after_notify=1. |
| recipient_group_ids={value} | Optional | Integer | The notification recipients in the form of one or more valid distribution group IDs. When not specified during a create request, only the task owner will be notified. For update requests: - When not specified we keep the previous setting. - Specify an empty string to delete the list of IDs. - If both notifications are disabled (before_notify=0 and after_notify=0) we will delete the list of IDs. This parameter is only valid when before_notify=1 or after_notify=1 is specified in the same request. |
Sample-Create an Azure internal scanSample-Create an Azure internal scan
API Request
curl --location --request POST '<qualys_base_url>/api/2.0/fo/scan/
cloud/internal/job/index.php?action=create&scan_title=Azure%20Scan%20Internal%20Test&
connector_uuid=1abcd111-1111-11ab-1111-a11b111aaa1&active=1&
option_title=Initial%20Options&
module=vm&schedule=now&cloud_provider=azure&iscanner_name=Azure_Internal_Scanner_vmsp_ag1&`
region_code=eastus&priority=2&
platform_type=location&cloud_service=vm' \
--header 'X-Requested-With: xxxx' \
--header 'User-Agent:
32.227 HA/1.1.1 (https://
32.227 HA.com)' \
--header 'Authorization: encoded username:passwordstring' \
--header 'Accept: */*' \
--header 'Host: <
32.227 HA.coml>' \
--header 'Connection: keep-alive'
API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2024-11-26T05:17:19Z</DATETIME>
<TEXT>Scan has been created successfully</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>1395111</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
Sample-Update an Azure internal scanSample-Update an Azure internal scan
API Request
curl --location --request POST '<qualys_base_url>/api/2.0/fo/scan/cloud/
internal/job/index.php?action=update&
scan_title=Updated%20scan%20name&id=1395111&
iscanner_name=Azure_Internal_Scanner_New' \
--header 'X-Requested-With: qweabu' \
--header 'User-Agent:
32.227 HA/1.1.1 (https://
32.227 HA.com)' \
--header 'Authorization: encoded username:password string' \
--header 'Accept: */*' \
--header 'Host: <
32.227 HA.com>' \
--header 'Connection: keep-alive'API Response
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2024-11-26T05:20:01Z</DATETIME>
<TEXT>Scan has been updated successfully</TEXT>
<ITEM_LIST>
<ITEM>
<KEY>ID</KEY>
<VALUE>1395111</VALUE>
</ITEM>
</ITEM_LIST>
</RESPONSE>
</SIMPLE_RETURN>
Scan API: View the list of launched Azure Scheduled Scan for internal Assets
| New or Updated API | Updated |
| API Endpoint (Deprecation Timeline- June 2025) |
/api/2.0/fo/scan/ |
| API Endpoint (New Version) |
/api/3.0/fo/scan/ |
| Method | GET |
| DTD or XSD changes | No |
When you schedule an Azure internal scan and when the scan is launched, you can view the list of launched scan in this API. This enables you to regularly identify vulnerabilities and take timely corrective actions.
Sample - Launched Azure internal scan list Sample - Launched Azure internal scan list
API Request
curl --location 'https://<qualys_base_url>/api/3.0/fo/scan/?action=list' \ --header 'X-Requested-With: 32.227 HA' \ --header 'User-Agent: 32.227 HA/1.0.0 (https:// 32.227 HA.com)' \ --header 'Authorization: Basic Encoded username:passwordstring' \ --header 'Accept: /' \ --header 'Host: 32.227 HA:43000' \ --header 'Connection: keep-alive'
API Response
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE SCAN_LIST_OUTPUT SYSTEM "//<qualys_base_url>/api/3.0/fo/scan/scan_list_output.dtd"> <SCAN_LIST_OUTPUT> <RESPONSE> <DATETIME>2024-12-09T09:11:17Z</DATETIME> <SCAN_LIST> <SCAN> <REF>scan/1735543972.16308</REF> <TYPE>Scheduled</TYPE> <TITLE> <![CDATA[Azure Scan Internal Test]]> </TITLE> <USER_LOGIN>vmsp_ag1</USER_LOGIN> <LAUNCH_DATETIME>2024-12-30T07:32:52Z</LAUNCH_DATETIME> <DURATION>00:00:27</DURATION> <PROCESSING_PRIORITY>2 - Ultimate</PROCESSING_PRIORITY> <PROCESSED>1</PROCESSED> <STATUS> <STATE>Finished</STATE> <SUB_STATE>No_Host</SUB_STATE> </STATUS> <TARGET> <![CDATA[65188eb1-02b7-405e-861c-fb44c98a20d7,cc681b26-8899-4ca8-bedd-b187bdbb8bdb,86c32f80-df08-4d55-883d-dc1be958b404,4518d470-2c51-4b36-a2f8-c160b84a3145,b119496c-008c-44cb-845a-928f22368776,e79b48ab-e76d-4ce0-a2c7-f55cafb8214b,2fad044a-5a20-408d-a24c-ec82db6b480a,8332f07d-ae8c-4ecf-81b1-b518b9c93b73,06ac9d58-bac5-452c-b7d9-2bcc6a65f462,ee50296b-bd55-4806-ae44-a741a8429980,01140268-3adf-48fb-87c3-e7f267ba06b8,7d97c6e6-94c1-4dfb-834b-1372bed7f460,c24f8498-b2a9-4eb6-90be-a2a1cce1c8fe,abf4867d-7d9a-49e2-af91-74a0a07ad78e,8040afd7-faae-48cc-8721-0effdba065d9,806d9fbd-b3c5-47e6-b75d-af452c85d52c,de9edb26-9fd6-48a9-82bd-0563e6c73c8c,45ecfa8b-5761-44e3-ba19-7c5a1c5b5fd1,e2ef6795-79ef-45ff-a6d2-c6f23498578c,81deef30-3247-4617-8539-98ff74b4b809,86258819-4965-406b-87b7-c171dfa27740,8debc341-ddfc-4ceb-a505-293092ee0235,3a6121a9-52ff-4c9a-a4cb-c998f8e1128b,8a1feb05-6bd1-447b-9d81-a9df8d08fc6a,da029994-08ed-4fe9-9d18-730e52668724,46cdd666-ed4d-4caa-a4f8-dc0de9840e33,a6b86d01-86d4-4e33-9966-6223c6f26577,cbaeb49d-a885-4fc1-ac19-fe65bcc92e58,ba47a438-a5ef-4487-a457-00624bd98fe7,0ad0ef2b-e4bd-462b-be2e-9d363f03c8a4,209e9fad-455d-4755-b884-87f538daa76d,2019b43a-155f-49b8-bf43-52092b87a6ab,1523ecc7-fb13-4320-99c8-09800730fec9,57b01662-8754-4764-842f-c9ce982924c6,c6419606-a6f0-4340-84f3-1be040384a54,3ee18bbf-54cf-4466-9c51-08cde3f43b1a,a24ab800-6752-440e-b15f-f8d652f56325,e60ab9f6-45f7-47d3-aeee-f2f6848a9137,8cc39bd5-42ef-4cfc-a671-446228bdcd56,c97a9971-a52a-48fa-a202-af3c2f76b623,aa887200-c6a9-435b-91bd-4fd8aa7b3166]]> </TARGET> </SCAN> </SCAN_LIST> </RESPONSE> </SCAN_LIST_OUTPUT>
Sample - To fetch a specific launched Azure internal scanSample - To fetch a specific launched Azure internal scan
API Request
curl --location 'https://<qualys_base_url>/api/3.0/fo/scan/?action=list&show_ags=1&show_op=1' \ --header 'X-Requested-With: badsawewbu' \ --header 'User-Agent: 32.227 HA/1.0.0 (https:// 32.227 HA.com)' \ --header 'Authorization: Encoded username:passwordstring' \ --header 'Accept: /' \ --header ' 32.227 HA.com:43000' \ --header 'Connection: keep-alive'
JSON Response
[{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":38711,"instance":null,"result":"Hops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t11.11.1.11\t1.91ms\tICMPHops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t11.11.1.11\t1.91ms\tICMP"},
{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":14013,"instance":null,"result":"Port\tIANA
Assigned Ports\/Services\tDescription\tService Detected\n111\tsunrpc\tSUN Remote Procedure Call\trpc
udp\n2049\tshilp\tshilp\tnfsPort\tIANA Assigned Ports\/Services\tDescription\tService Detected\n111\tsunrpc\tSUN Remote
Procedure Call\trpc udp\n2049\tshilp\tshilp\tnfs"},
{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":20220,"instance":null,"result":"Hops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t11.11.1.11\t1.91ms\tICMPHops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t11.11.1.11\t1.91ms\tICMP"},
{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":45266,"instance":null,"result":"Port\tIANA
Assigned Ports\/Services\tDescription\tService Detected\n111\tsunrpc\tSUN Remote Procedure Call\trpc
udp\n2049\tshilp\tshilp\tnfsPort\tIANA Assigned Ports\/Services\tDescription\tService Detected\n111\tsunrpc\tSUN Remote
Procedure Call\trpc udp\n2049\tshilp\tshilp\tnfs"},
{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":48074,"instance":null,"result":"Hops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t10.14.9.80\t1.91ms\tICMPHops\tIP\tRound
Trip Time\tProbe\n1\t10.40.1.2\t0.19ms\tICMP\n2\t10.10.0.10\t0.26ms\tICMP\n3\t10.14.9.80\t1.91ms\tICMP"},
{"ip":"10.14.9.80","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":45268,"instance":null,"result":"Hops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t11.11.1.11\t1.91ms\tICMPHops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t11.11.1.11\t1.91ms\tICMP"},
{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":45304,"instance":null,"result":""},
{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":242738,"instance":null,"result":"Hops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t10.6.1.36\t1.91ms\tICMP"},
{"ip":"11.11.1.11","dns":"27f86f78-8dc2-4093-abed-1ce3b648c241","netbios":null,"qid":45376,"instance":null,"result":"Hops\tIP\tRound
Trip Time\tProbe\n1\t11.11.1.11\t0.19ms\tICMP\n2\t11.11.1.11\t0.26ms\tICMP\n3\t11.11.1.11\t1.91ms\tICMP"}]
Scheduled Scan API: View the Azure Scheduled Scanned list for internal Assets
| New or Updated API | Updated |
| API Endpoint (Deprecation Timeline- June 2025) |
/api/2.0/fo/schedule/scan/ |
| API Endpoint (New Version) |
/api/3.0/fo/schedule/scan/ |
| Method | GET |
| DTD or XSD changes | Yes |
You can view the scheduled scans list in this API when you create or update an scheduled azure internal scan using the new Scan API /api/2.0/fo/scan/cloud/internal/job/. Earlier, you were able to view only the scheduled scans list related to cloud perimeter scan, EC2 scan.
Sample - List the scheduled scans for Azure internal scanSample - List the scheduled scans for Azure internal scan
API Request
curl --location 'https://<qualys_base-url>/api/3.0/fo/schedule/scan/index.php?action=list&scan_type=internal&show_cloud_details=1&active=1&id=1396645' \
--header 'X-Requested-With: badsawewbu' \
--header 'User-Agent:
32.227 HA/1.0.0 (https://
32.227 HA.com)' \
--header 'Authorization: Basic dm1zcF9hZzE6UXVhbHlzQDEyMw==' \
--header 'Accept: /' \
--header 'Host:
32.227 HA.com:43000' \
--header 'Connection: keep-alive'
API Response
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE SCHEDULE_SCAN_LIST_OUTPUT SYSTEM "https://<qualys_base_url>/api/3.0/fo/schedule/scan/schedule_scan_list_output.dtd"> <SCHEDULE_SCAN_LIST_OUTPUT> <RESPONSE> <DATETIME>2024-12-09T09:09:07Z</DATETIME> <SCHEDULE_SCAN_LIST> <SCAN> <ID>1396645</ID> <ACTIVE>1</ACTIVE> <TITLE> <![CDATA[Connector id]]> </TITLE> <USER_LOGIN>vmsp_ag1</USER_LOGIN> <TARGET> <![CDATA[]]> </TARGET> <NETWORK_ID> <![CDATA[0]]> </NETWORK_ID> <ISCANNER_NAME> <![CDATA[Azure_Internal_Scanner_New]]> </ISCANNER_NAME> <CLOUD_DETAILS> <PROVIDER>AZURE</PROVIDER> <CONNECTOR> <ID>1642552</ID> <UUID>ddc52e7b-bcef-42f4-9243-fb5747a23fc0</UUID> <NAME> <![CDATA[Azure VM Internal Scan]]> </NAME> </CONNECTOR> <SCAN_TYPE>Cloud Internal</SCAN_TYPE> <CLOUD_TARGET> <PLATFORM>LOCATION</PLATFORM> <REGION> <UUID>080380ed-483e-45d7-8838-c5e637750e54</UUID> <CODE>eastus</CODE> <NAME> <![CDATA[East US]]> </NAME> </REGION> </CLOUD_TARGET> </CLOUD_DETAILS> <OPTION_PROFILE> <TITLE> <![CDATA[Initial Options]]> </TITLE> <DEFAULT_FLAG>1</DEFAULT_FLAG> </OPTION_PROFILE> <PROCESSING_PRIORITY>2 - Ultimate</PROCESSING_PRIORITY> <SCHEDULE> <DAILY frequency_days="1" /> <START_DATE_UTC>2024-12-04T10:28:00Z</START_DATE_UTC> <START_HOUR>15</START_HOUR> <START_MINUTE>58</START_MINUTE> <NEXTLAUNCH_UTC>2024-12-09T10:28:00</NEXTLAUNCH_UTC> <TIME_ZONE> <TIME_ZONE_CODE>IN</TIME_ZONE_CODE> <TIME_ZONE_DETAILS>(GMT+0530) India: Asia/Calcutta</TIME_ZONE_DETAILS> </TIME_ZONE> <DST_SELECTED>0</DST_SELECTED> </SCHEDULE> </SCAN> </SCHEDULE_SCAN_LIST> </RESPONSE> </SCHEDULE_SCAN_LIST_OUTPUT>
DTD - DTD UpdateDTD - DTD Update
A DTD for the Scheduled scan API has been added.
<platform API server>api/3.0/fo/schedule/scan/schedule_scan_list_output.dtd
DTD output for the Scheduled scan API is as follows:
DTD Output
<!-- QUALYS SCHEDULE_SCAN_LIST_OUTPUT DTD -->
<!ELEMENT SCHEDULE_SCAN_LIST_OUTPUT (REQUEST?,RESPONSE)>
<!ELEMENT REQUEST (DATETIME, USER_LOGIN, RESOURCE, PARAM_LIST?, POST_DATA?)>
<!ELEMENT DATETIME (#PCDATA)>
<!ELEMENT USER_LOGIN (#PCDATA)>
<!ELEMENT RESOURCE (#PCDATA)>
<!ELEMENT PARAM_LIST (PARAM+)>
<!ELEMENT PARAM (KEY, VALUE)>
<!ELEMENT KEY (#PCDATA)>
<!ELEMENT VALUE (#PCDATA)>
<!-- if returned, POST_DATA will be urlencoded -->
<!ELEMENT POST_DATA (#PCDATA)>
<!ELEMENT RESPONSE (DATETIME, SCHEDULE_SCAN_LIST?)>
<!ELEMENT SCHEDULE_SCAN_LIST (SCAN+)>
<!ELEMENT SCAN (ID, SCAN_TYPE?, ACTIVE, TITLE?, CLIENT?, USER_LOGIN, TARGET, NETWORK_ID?, ISCANNER_NAME?, POOL_OF_SCANNERS?, EC2_INSTANCE?, CLOUD_DETAILS?, ASSET_GROUP_TITLE_LIST?, ASSET_TAGS?, EXCLUDE_IP_PER_SCAN?, USER_ENTERED_IPS?, USER_ENTERED_IPv6_IPS?, ELB_DNS?,MANUAL_CLOUD_RESOURCE_IDS?, OPTION_PROFILE?, PROCESSING_PRIORITY?, SCHEDULE, NOTIFICATIONS?)>
<!ELEMENT ID (#PCDATA)>
<!ELEMENT ACTIVE (#PCDATA)>
<!ELEMENT TITLE (#PCDATA)>
<!ELEMENT CLIENT (ID,NAME)>
<!ELEMENT TARGET (#PCDATA)>
<!ELEMENT NETWORK_ID (#PCDATA)>
<!ELEMENT ISCANNER_NAME (#PCDATA)>
<!ELEMENT POOL_OF_SCANNERS (#PCDATA)>
<!ELEMENT EC2_INSTANCE (CONNECTOR_UUID, EC2_ENDPOINT, EC2_ONLY_CLASSIC?)>
<!ELEMENT CONNECTOR_UUID (#PCDATA)>
<!ELEMENT EC2_ENDPOINT (#PCDATA)>
<!ELEMENT EC2_ONLY_CLASSIC (#PCDATA)>
<!ELEMENT CLOUD_DETAILS (PROVIDER, CONNECTOR?, SCAN_TYPE, CLOUD_TARGET?)>
<!ELEMENT PROVIDER (#PCDATA)>
<!ELEMENT CONNECTOR (ID?, UUID, NAME)>
<!ELEMENT UUID (#PCDATA)>
<!ELEMENT NAME (#PCDATA)>
<!ELEMENT SCAN_TYPE (#PCDATA)>
<!ELEMENT CLOUD_TARGET (PLATFORM, REGION?, VPC_SCOPE?, VPC_LIST?, VIRTUAL_NETWORK?)>
<!ELEMENT PLATFORM (#PCDATA)>
<!ELEMENT REGION (UUID?, CODE?, NAME?)>
<!ELEMENT VIRTUAL_NETWORK (ID, NAME?, RESOURCE_GROUP)>
<!ELEMENT RESOURCE_GROUP (NAME)>
<!ELEMENT CODE (#PCDATA)>
<!ELEMENT VPC_SCOPE (#PCDATA)>
<!ELEMENT VPC_LIST (VPC+)>
<!ELEMENT VPC (UUID)>
<!ELEMENT ASSET_GROUP_TITLE_LIST (ASSET_GROUP_TITLE+)>
<!ELEMENT ASSET_GROUP_TITLE (#PCDATA)>
<!ELEMENT ASSET_TAGS (TAG_INCLUDE_SELECTOR, TAG_SET_INCLUDE, TAG_EXCLUDE_SELECTOR?, TAG_SET_EXCLUDE?, USE_IP_NT_RANGE_TAGS?, USE_IP_NT_RANGE_TAGS_INCLUDE, USE_IP_NT_RANGE_TAGS_EXCLUDE?)>
<!ELEMENT TAG_INCLUDE_SELECTOR (#PCDATA)>
<!ELEMENT TAG_SET_INCLUDE (#PCDATA)>
<!ELEMENT TAG_EXCLUDE_SELECTOR (#PCDATA)>
<!ELEMENT TAG_SET_EXCLUDE (#PCDATA)>
<!ELEMENT USE_IP_NT_RANGE_TAGS (#PCDATA)>
<!ELEMENT USE_IP_NT_RANGE_TAGS_INCLUDE (#PCDATA)>
<!ELEMENT USE_IP_NT_RANGE_TAGS_EXCLUDE (#PCDATA)>
<!ELEMENT EXCLUDE_IP_PER_SCAN (#PCDATA)>
<!ELEMENT USER_ENTERED_IPS (RANGE+)>
<!ELEMENT USER_ENTERED_IPv6_IPS (RANGE+)>
<!ELEMENT ELB_DNS (DNS+)>
<!ELEMENT DNS (#PCDATA)>
<!ELEMENT MANUAL_CLOUD_RESOURCE_IDS (CLOUD_RESOURCE_ID+)>
<!ELEMENT CLOUD_RESOURCE_ID (#PCDATA)>
<!ELEMENT RANGE (START, END)>
<!ELEMENT START (#PCDATA)>
<!ELEMENT END (#PCDATA)>
<!ELEMENT OPTION_PROFILE (TITLE, DEFAULT_FLAG?)>
<!ELEMENT DEFAULT_FLAG (#PCDATA)>
<!ELEMENT PROCESSING_PRIORITY (#PCDATA)>
<!ELEMENT SCHEDULE ((DAILY|WEEKLY|MONTHLY), START_DATE_UTC, START_HOUR, START_MINUTE, END_AFTER_HOURS?, END_AFTER_MINUTES?, PAUSE_AFTER_HOURS?, PAUSE_AFTER_MINUTES?, RESUME_IN_DAYS?, RESUME_IN_HOURS?, NEXTLAUNCH_UTC?, TIME_ZONE, DST_SELECTED, MAX_OCCURRENCE?)>
<!ELEMENT DAILY EMPTY>
<!ATTLIST DAILY
frequency_days CDATA #REQUIRED>
<!-- weekdays is comma-separated list of weekdays e.g. 0,1,4,5 -->
<!ELEMENT WEEKLY EMPTY>
<!ATTLIST WEEKLY
frequency_weeks CDATA #REQUIRED
weekdays CDATA #REQUIRED>
<!-- either day of month, or (day of week and week of month) must be provided -->
<!ELEMENT MONTHLY EMPTY>
<!ATTLIST MONTHLY
frequency_months CDATA #REQUIRED
day_of_month CDATA #IMPLIED
day_of_week (0|1|2|3|4|5|6) #IMPLIED
week_of_month (1|2|3|4|5) #IMPLIED>
<!-- start date of the task in UTC -->
<!ELEMENT START_DATE_UTC (#PCDATA)>
<!-- User Selected hour -->
<!ELEMENT START_HOUR (#PCDATA)>
<!-- User Selected Minute -->
<!ELEMENT START_MINUTE (#PCDATA)>
<!ELEMENT END_AFTER_HOURS (#PCDATA)>
<!ELEMENT END_AFTER_MINUTES (#PCDATA)>
<!ELEMENT PAUSE_AFTER_HOURS (#PCDATA)>
<!ELEMENT PAUSE_AFTER_MINUTES (#PCDATA)>
<!ELEMENT RESUME_IN_DAYS (#PCDATA)>
<!ELEMENT RESUME_IN_HOURS (#PCDATA)>
<!ELEMENT NEXTLAUNCH_UTC (#PCDATA)>
<!ELEMENT TIME_ZONE (TIME_ZONE_CODE, TIME_ZONE_DETAILS)>
<!-- timezone code like US-CA -->
<!ELEMENT TIME_ZONE_CODE (#PCDATA)>
<!-- timezone details like (GMT-0800) United States (California): Los Angeles, Sacramento, San Diego, San Francisco-->
<!ELEMENT TIME_ZONE_DETAILS (#PCDATA)>
<!-- Did user select DST? 0-not selected 1-selected -->
<!ELEMENT DST_SELECTED (#PCDATA)>
<!ELEMENT MAX_OCCURRENCE (#PCDATA)>
<!-- notifications -->
<!ELEMENT NOTIFICATIONS (BEFORE_LAUNCH?, AFTER_COMPLETE?,LAUNCH_DELAY?, LAUNCH_SKIP?, DEACTIVATE_SCHEDULE?, DISTRIBUTION_GROUPS?)>
<!ELEMENT BEFORE_LAUNCH (TIME, UNIT, MESSAGE)>
<!ELEMENT TIME (#PCDATA)>
<!ELEMENT UNIT (#PCDATA)>
<!ELEMENT MESSAGE (#PCDATA)>
<!ELEMENT AFTER_COMPLETE (MESSAGE)>
<!ELEMENT LAUNCH_DELAY (MESSAGE)>
<!ELEMENT LAUNCH_SKIP (MESSAGE)>
<!ELEMENT DEACTIVATE_SCHEDULE (MESSAGE)>
<!ELEMENT DISTRIBUTION_GROUPS (DISTRIBUTION_GROUP+)>
<!ELEMENT DISTRIBUTION_GROUP (ID, TITLE)>
<!-- EOF -->
Host list API: Added Activation Key and its Title for Cloud Agent-Tracked Hosts
| New or Updated API | Updated |
| API Endpoint (Deprecation Timeline- June 2025) |
api/3.0/fo/asset/host/ |
| API Endpoint (New Version) |
api/4.0/fo/asset/host/ |
| Method | GET/POST |
| DTD or XSD changes | Yes |
With this release, a new parameter, cloud_agent_activationkey, is added to the Host List API. When this parameter is assigned a value of 1, you can view the following two new tags in the response of the Host List API for the cloud agent-tracked hosts.
- Agent Activation Key - AGENT_ACTIVATION_TITLE
- Agent Activation Title - AGENT_ACTIVATION_KEY
These tags display the activation key and activation title for all the cloud agent tracked hosts. Earlier, identifying the key associated with the asset and routing the vulnerability data was performed manually for large data, which was taking a considerable amount of time. This helps to identify various types of hosts based on the activation key and route the vulnerability data for further processing.
When you set the cloud_agent_activationkey parameter value to 1, the API response time may be slower for large amount of data.
Input ParameterInput Parameter
| Parameter Name |
Required/ Optional |
Data Type |
Description |
| cloud_agent_activationkey | Optional | Integer | Specify 1, to have two new tags AGENT_ACTIVATION_KEY and AGENT_ACTIVATION_TITLE in the response for appropriate assets. |
Sample - Display the Activation Key and Activation TitleSample - Display the Activation Key and Activation Title
API Request
curl "https://<qualys-base_url>/api/4.0/fo/asset/host/?ips=11.111.11.111,11.111.11.111&action=list&details=All&cloud_agent_activationkey=1" -X POST -b "QualysSession=ae630e1f345b6503324a93d52b3a69de" -H "Content-Type: application/x-www-form-urlencoded" -H "X-Requested-With: curl demo2" -H "Accept: /" -H "Content-Length: 0" --compressed -k -v
API Response
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE HOST_LIST_OUTPUT SYSTEM "https:// <qualys_base_url>/api/4.0/fo/asset/host/dtd/list/output.dtd"> <HOST_LIST_OUTPUT> <RESPONSE> <DATETIME>2024-12-20T07:41:21Z</DATETIME> <HOST_LIST> <HOST> <ID>5962587</ID> <IP>11.111.11.111</IP> <TRACKING_METHOD>Cloud Agent</TRACKING_METHOD> <NETWORK_ID>0</NETWORK_ID> <DNS> <![CDATA[centos7-dns-11-111.rdlab.com]]> </DNS> <DNS_DATA> <HOSTNAME> <![CDATA[centos7-hostname-11-111]]> </HOSTNAME> <DOMAIN> <![CDATA[rdlab.com]]> </DOMAIN> <FQDN> <![CDATA[centos7-fqdn-11-111.rdlab.com]]> </FQDN> </DNS_DATA> <OS> <![CDATA[CentOS Linux 7.9.2009]]> </OS> <QG_HOSTID> <![CDATA[b4192ceb-de61-4884-b392-55135e14ce25]]> </QG_HOSTID> <LAST_BOOT>2024-06-07T04:33:55Z</LAST_BOOT> <SERIAL_NUMBER> <![CDATA[VMware-42 2a 6c b2 02 2c 46 38-fb 92 8d 5f 02 44 b4 ac]]> </SERIAL_NUMBER> <HARDWARE_UUID> <![CDATA[b26c2a42-2c02-3846-fb92-8d5f0244b4ac]]> </HARDWARE_UUID> <FIRST_FOUND_DATE>2024-08-07T07:32:25Z</FIRST_FOUND_DATE> <LAST_ACTIVITY>2024-08-12T10:20:55Z</LAST_ACTIVITY> <AGENT_STATUS> <![CDATA[Inventory Scan Complete]]> </AGENT_STATUS> <CLOUD_AGENT_RUNNING_ON> <![CDATA[QAGENT]]> </CLOUD_AGENT_RUNNING_ON> <AGENT_ACTIVATION_TITLE> <![CDATA[title_Activation_key]]> </AGENT_ACTIVATION_TITLE> <AGENT_ACTIVATION_KEY> <![CDATA[e5decf50-c20a-4782-8e9e-b6a712261a4d]]> </AGENT_ACTIVATION_KEY> <LAST_VULN_SCAN_DATETIME>2024-08-13T03:41:08Z</LAST_VULN_SCAN_DATETIME> <LAST_VM_SCANNED_DATE>2024-08-13T03:41:08Z</LAST_VM_SCANNED_DATE> <LAST_VM_AUTH_SCANNED_DATE>2024-08-13T03:41:08Z</LAST_VM_AUTH_SCANNED_DATE> <LAST_COMPLIANCE_SCAN_DATETIME>2024-08-12T18:33:51Z</LAST_COMPLIANCE_SCAN_DATETIME> </HOST> <HOST> <ID>5962589</ID> <IP>11.111.11.111</IP> <TRACKING_METHOD>Cloud Agent</TRACKING_METHOD> <NETWORK_ID>0</NETWORK_ID> <DNS> <![CDATA[centos7-dns-11-111.rdlab.com]]> </DNS> <DNS_DATA> <HOSTNAME> <![CDATA[centos7-hostname-11-111]]> </HOSTNAME> <DOMAIN> <![CDATA[rdlab.com]]> </DOMAIN> <FQDN> <![CDATA[centos7-fqdn-11-111.rdlab.com]]> </FQDN> </DNS_DATA> <OS> <![CDATA[CentOS Linux 7.9.2009]]> </OS> <QG_HOSTID> <![CDATA[0714edfe-8a72-44d9-98eb-95401672b235]]> </QG_HOSTID> <LAST_BOOT>2024-06-07T04:45:05Z</LAST_BOOT> <SERIAL_NUMBER> <![CDATA[VMware-42 2a 60 7f 5c 9d 67 71-4b 17 71 35 9b 73 28 d4]]> </SERIAL_NUMBER> <HARDWARE_UUID> <![CDATA[7f602a42-9d5c-7167-4b17-71359b7328d4]]> </HARDWARE_UUID> <FIRST_FOUND_DATE>2024-08-07T07:32:25Z</FIRST_FOUND_DATE> <LAST_ACTIVITY>2024-09-19T12:05:05Z</LAST_ACTIVITY> <AGENT_STATUS> <![CDATA[Inventory Scan Complete]]> </AGENT_STATUS> <CLOUD_AGENT_RUNNING_ON> <![CDATA[QAGENT]]> </CLOUD_AGENT_RUNNING_ON> <AGENT_ACTIVATION_KEY> <![CDATA[fcce41e6-446e-4818-bf3e-4b3e3860574b]]> </AGENT_ACTIVATION_KEY> <LAST_VULN_SCAN_DATETIME>2024-09-19T09:54:48Z</LAST_VULN_SCAN_DATETIME> <LAST_VM_SCANNED_DATE>2024-09-19T09:54:48Z</LAST_VM_SCANNED_DATE> <LAST_VM_AUTH_SCANNED_DATE>2024-09-19T09:54:48Z</LAST_VM_AUTH_SCANNED_DATE> <LAST_COMPLIANCE_SCAN_DATETIME>2024-09-19T04:25:11Z</LAST_COMPLIANCE_SCAN_DATETIME> </HOST> <HOST> <ID>6060439</ID> <IP>11.111.11.111</IP> <TRACKING_METHOD>IP</TRACKING_METHOD> <NETWORK_ID>6008</NETWORK_ID> <OS> <![CDATA[EulerOS / SuSE Linux / Scientific Linux]]> </OS> <FIRST_FOUND_DATE>2024-08-22T18:10:07Z</FIRST_FOUND_DATE> <LAST_VULN_SCAN_DATETIME>2024-09-01T18:03:32Z</LAST_VULN_SCAN_DATETIME> <LAST_VM_SCANNED_DATE>2024-09-01T18:03:32Z</LAST_VM_SCANNED_DATE> <LAST_VM_SCANNED_DURATION>519</LAST_VM_SCANNED_DURATION> </HOST> <HOST> <ID>6060639</ID> <IP>11.111.11.111</IP> <TRACKING_METHOD>IP</TRACKING_METHOD> <NETWORK_ID>6008</NETWORK_ID> <OS> <![CDATA[EulerOS / SuSE Linux / Scientific Linux]]> </OS> <FIRST_FOUND_DATE>2024-08-22T18:10:07Z</FIRST_FOUND_DATE> <LAST_VULN_SCAN_DATETIME>2024-09-01T18:03:58Z</LAST_VULN_SCAN_DATETIME> <LAST_VM_SCANNED_DATE>2024-09-01T18:03:58Z</LAST_VM_SCANNED_DATE> <LAST_VM_SCANNED_DURATION>544</LAST_VM_SCANNED_DURATION> </HOST> </HOST_LIST> </RESPONSE> </HOST_LIST_OUTPUT>
Sample - DTD OutputSample - DTD Output
<platform API server> /api/4.0/fo/asset/host/dtd/list/output.dtd
DTD output for the cloud agent-tracked hosts is as follows:
DTD Output
<!-- QUALYS HOST_OUTPUT DTD FOR LIST ACTION--> <!ELEMENT HOST_LIST_OUTPUT (REQUEST?,RESPONSE)> <!ELEMENT REQUEST (DATETIME, USER_LOGIN, RESOURCE, PARAM_LIST?, POST_DATA?)> <!ELEMENT DATETIME (#PCDATA)> <!ELEMENT USER_LOGIN (#PCDATA)> <!ELEMENT RESOURCE (#PCDATA)> <!ELEMENT PARAM_LIST (PARAM+)> <!ELEMENT PARAM (KEY, VALUE)> <!ELEMENT KEY (#PCDATA)> <!ELEMENT VALUE (#PCDATA)> <!-- if returned, POST_DATA will be urlencoded --> <!ELEMENT POST_DATA (#PCDATA)> <!ELEMENT RESPONSE (DATETIME, (HOST_LIST|ID_SET)?, WARNING?, GLOSSARY?)> <!ELEMENT HOST_LIST (HOST+)> <!ELEMENT HOST (ID, ASSET_ID?, IP?, IPV6?, ASSET_RISK_SCORE?, TRURISK_SCORE?, ASSET_CRITICALITY_SCORE?, ARS_FACTORS?,TRURISK_SCORE_FACTORS?, TRACKING_METHOD?, NETWORK_ID?, OS_HOSTNAME?, DNS?, DNS_DATA?, CLOUD_PROVIDER?, CLOUD_SERVICE?, CLOUD_RESOURCE_ID?, EC2_INSTANCE_ID?, NETBIOS?, OS?, QG_HOSTID?, LAST_BOOT?, SERIAL_NUMBER?, HARDWARE_UUID?, FIRST_FOUND_DATE?, LAST_ACTIVITY?, AGENT_STATUS?, CLOUD_AGENT_RUNNING_ON?, AGENT_ACTIVATION_TITLE?, AGENT_ACTIVATION_KEY?,TAGS?, METADATA?, CLOUD_PROVIDER_TAGS?, LAST_VULN_SCAN_DATETIME?, LAST_VM_SCANNED_DATE?, LAST_VM_SCANNED_DURATION?, LAST_VM_AUTH_SCANNED_DATE?, LAST_VM_AUTH_SCANNED_DURATION?, LAST_COMPLIANCE_SCAN_DATETIME?, PC_AUTH_SUCCESS_DATE?, LAST_SCAP_SCAN_DATETIME?, OWNER?, COMMENTS?, USER_DEF?, ASSET_GROUP_IDS?)> <!ELEMENT ID (#PCDATA)> <!ELEMENT ASSET_ID (#PCDATA)> <!ELEMENT IP (#PCDATA)> <!ELEMENT IPV6 (#PCDATA)> <!ELEMENT ASSET_RISK_SCORE (#PCDATA)> <!ELEMENT TRURISK_SCORE (#PCDATA)> <!ELEMENT ASSET_CRITICALITY_SCORE (#PCDATA)> <!ELEMENT ARS_FACTORS (ARS_FORMULA, VULN_COUNT*)> <!ELEMENT ARS_FORMULA (#PCDATA)> <!ELEMENT TRURISK_SCORE_FACTORS (TRURISK_SCORE_FORMULA, VULN_COUNT*)> <!ELEMENT TRURISK_SCORE_FORMULA (#PCDATA)> <!ELEMENT VULN_COUNT (#PCDATA)> <!ATTLIST VULN_COUNT qds_severity CDATA #REQUIRED> <!ELEMENT TRACKING_METHOD (#PCDATA)> <!ELEMENT NETWORK_ID (#PCDATA)> <!ELEMENT OS_HOSTNAME (#PCDATA)> <!ELEMENT DNS (#PCDATA)> <!ELEMENT DNS_DATA (HOSTNAME?, DOMAIN?, FQDN?)> <!ELEMENT HOSTNAME (#PCDATA)> <!ELEMENT DOMAIN (#PCDATA)> <!ELEMENT FQDN (#PCDATA)> <!ELEMENT EC2_INSTANCE_ID (#PCDATA)> <!ELEMENT CLOUD_PROVIDER (#PCDATA)> <!ELEMENT CLOUD_SERVICE (#PCDATA)> <!ELEMENT CLOUD_RESOURCE_ID (#PCDATA)> <!ELEMENT NETBIOS (#PCDATA)> <!ELEMENT OS (#PCDATA)> <!ELEMENT QG_HOSTID (#PCDATA)> <!ELEMENT LAST_BOOT (#PCDATA)> <!ELEMENT SERIAL_NUMBER (#PCDATA)> <!ELEMENT HARDWARE_UUID (#PCDATA)> <!ELEMENT FIRST_FOUND_DATE (#PCDATA)> <!ELEMENT LAST_ACTIVITY (#PCDATA)> <!ELEMENT AGENT_STATUS (#PCDATA)> <!ELEMENT CLOUD_AGENT_RUNNING_ON (#PCDATA)> <!ELEMENT AGENT_ACTIVATION_TITLE (#PCDATA)> <!ELEMENT AGENT_ACTIVATION_KEY (#PCDATA)> <!ELEMENT TAGS (TAG*)> <!ELEMENT TAG (TAG_ID?, NAME?)> <!ELEMENT TAG_ID (#PCDATA)> <!ELEMENT NAME (#PCDATA)> <!ELEMENT LAST_VULN_SCAN_DATETIME (#PCDATA)> <!ELEMENT LAST_VM_SCANNED_DATE (#PCDATA)> <!ELEMENT LAST_VM_SCANNED_DURATION (#PCDATA)> <!ELEMENT LAST_VM_AUTH_SCANNED_DATE (#PCDATA)> <!ELEMENT LAST_VM_AUTH_SCANNED_DURATION (#PCDATA)> <!ELEMENT LAST_COMPLIANCE_SCAN_DATETIME (#PCDATA)> <!ELEMENT PC_AUTH_SUCCESS_DATE (#PCDATA)> <!ELEMENT LAST_SCAP_SCAN_DATETIME (#PCDATA)> <!ELEMENT OWNER (#PCDATA)> <!ELEMENT COMMENTS (#PCDATA)> <!ELEMENT USER_DEF (LABEL_1?, LABEL_2?, LABEL_3?, VALUE_1?, VALUE_2?, VALUE_3?)> <!ELEMENT LABEL_1 (#PCDATA)> <!ELEMENT LABEL_2 (#PCDATA)> <!ELEMENT LABEL_3 (#PCDATA)> <!ELEMENT VALUE_1 (#PCDATA)> <!ATTLIST VALUE_1 ud_attr CDATA #REQUIRED> <!ELEMENT VALUE_2 (#PCDATA)> <!ATTLIST VALUE_2 ud_attr CDATA #REQUIRED> <!ELEMENT VALUE_3 (#PCDATA)> <!ATTLIST VALUE_3 ud_attr CDATA #REQUIRED> <!ELEMENT METADATA (EC2|GOOGLE|AZURE)+> <!ELEMENT EC2 (ATTRIBUTE*)> <!ELEMENT GOOGLE (ATTRIBUTE*)> <!ELEMENT AZURE (ATTRIBUTE*)> <!ELEMENT ATTRIBUTE (NAME,LAST_STATUS,VALUE,LAST_SUCCESS_DATE?,LAST_ERROR_DATE?,LAST_ERROR?)> <!ELEMENT LAST_STATUS (#PCDATA)> <!ELEMENT LAST_SUCCESS_DATE (#PCDATA)> <!ELEMENT LAST_ERROR_DATE (#PCDATA)> <!ELEMENT LAST_ERROR (#PCDATA)> <!ELEMENT CLOUD_PROVIDER_TAGS (CLOUD_TAG+)> <!ELEMENT CLOUD_TAG (NAME, VALUE, LAST_SUCCESS_DATE)> <!ELEMENT ASSET_GROUP_IDS (#PCDATA)> <!ELEMENT ID_SET ((ID|ID_RANGE)+)> <!ELEMENT ID_RANGE (#PCDATA)> <!ELEMENT WARNING (CODE?, TEXT, URL?)> <!ELEMENT CODE (#PCDATA)> <!ELEMENT TEXT (#PCDATA)> <!ELEMENT URL (#PCDATA)> <!ELEMENT GLOSSARY (USER_DEF?, USER_LIST?, ASSET_GROUP_LIST?)> <!ELEMENT USER_LIST (USER+)> <!ELEMENT USER (USER_LOGIN, FIRST_NAME, LAST_NAME)> <!ELEMENT FIRST_NAME (#PCDATA)> <!ELEMENT LAST_NAME (#PCDATA)> <!ELEMENT ASSET_GROUP_LIST (ASSET_GROUP+)> <!ELEMENT ASSET_GROUP (ID, TITLE)> <!ELEMENT TITLE (#PCDATA)> <!-- EOF -->
Qualys Policy Compliance (PC)
Launch Report: Retrieve Posture Modification Date in the Compliance Policy Report
| New or Updated API | Updated |
| API Endpoint | /api/2.0/fo/report |
| Method | POST |
| DTD or XSD changes | YES |
You can now retrieve the posture modification date in the report when each control posture status changes from Pass to Fail. Retrieving the posture modification date in the compliance policy report helps you monitor the 90-day SLA to remediate failed controls.
As part of this enhancement, we have added a new checkbox, Posture Modified Date, in the report template (Reports > Templates > Policy Template > Layout > Posture Modified Date). When you select this checkbox, the control posture modification date is displayed in the report.
Furthermore, the XML report format is now enhanced with a new DTD tag, Posture_Modified_Date. This tag displays the control posture modification date when the Posture Modified Date checkbox is selected in the report template.
There are no changes to the input parameters or API response when launching the report. However, changes are made to the XML format of the downloaded report. The new DTD tag is added to the XML structure of the report downloaded in XML format.
Sample - Download Compliance Policy Report in XML FormatSample - Download Compliance Policy Report in XML Format
API Request
curl -s -S -H 'X-Requested-With:curl demo2' -u "xx_xx:Xxxx123#" -d "action=fetch&id=2346276" "https://<qualys_base_url>/api/2.0/fo/report/
API Response
[root@panzer Xxxxx]# curl -k -s -S -H 'X-Requested-With:curl demo2' -u "xxx_xx:Xxxxx123#" -d "action=fetch&id=2349933" "https://<qualys_base_url>/api/2.0/fo/report/" <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE COMPLIANCE_POLICY_REPORT SYSTEM "https://<qualys_base_url>/compliance_policy_report.dtd"> <COMPLIANCE_POLICY_REPORT> <HEADER> <NAME><![CDATA[DEF]]></NAME> <GENERATION_DATETIME>2024-12-16T05:40:36Z</GENERATION_DATETIME> <COMPANY_INFO> <NAME><![CDATA[vish]]></NAME> <ADDRESS><![CDATA[457,890]]></ADDRESS> <CITY><![CDATA[Pune]]></CITY> <STATE><![CDATA[None]]></STATE> <COUNTRY><![CDATA[Iceland]]></COUNTRY> <ZIP_CODE><![CDATA[87]]></ZIP_CODE> </COMPANY_INFO> <USER_INFO> <NAME><![CDATA[username]]></NAME> <USERNAME>user_name</USERNAME> <ROLE>Manager</ROLE> </USER_INFO> <FILTERS> <POLICY_ID><![CDATA[892678]]></POLICY_ID> <POLICY><![CDATA[Postgre_SQL_policy]]></POLICY> <POLICY_LOCKING><![CDATA[Unlocked]]></POLICY_LOCKING> <ASSET_GROUPS> <ASSET_GROUP> <ID><![CDATA[786415]]></ID> <NAME><![CDATA[10.10. 32.227 HA]]></NAME> </ASSET_GROUP> </ASSET_GROUPS> <PC_AGENT_IPS><![CDATA[No]]></PC_AGENT_IPS> <POLICY_LAST_EVALUATED><![CDATA[04/18/2023 at 21:10:46 (GMT+0530)]]></POLICY_LAST_EVALUATED> </FILTERS> </HEADER> <SUMMARY> <TOTAL_ASSETS>1</TOTAL_ASSETS> <TOTAL_CONTROLS>82</TOTAL_CONTROLS> <CONTROL_INSTANCES> <TOTAL>75</TOTAL> <TOTAL_PASSED>69</TOTAL_PASSED> <TOTAL_FAILED>0</TOTAL_FAILED> <TOTAL_ERROR>6</TOTAL_ERROR> <TOTAL_EXCEPTIONS>0</TOTAL_EXCEPTIONS> </CONTROL_INSTANCES> <HOST_STATISTICS> <HOST_INFO> <IP><![CDATA[10. 11.70.116]]></IP> <TRACKING_METHOD><![CDATA[IP]]></TRACKING_METHOD> <DNS><![CDATA[-]]></DNS> <NETBIOS><![CDATA[-]]></NETBIOS> <OPERATING_SYSTEM><![CDATA[CentOS 6.9]]></OPERATING_SYSTEM> <LAST_SCAN_DATE><![CDATA[2023-04-18T15:33:51Z]]></LAST_SCAN_DATE> <PERCENTAGE>92% (69 of 75)</PERCENTAGE> <HOST_ID><![CDATA[16 80546]]></HOST_ID> </HOST_INFO> </HOST_STATISTICS> </SUMMARY> <RESULTS> <HOST_LIST> <HOST> <TRACKING_METHOD><![CDATA[IP]]></TRACKING_METHOD> <QG_HOSTID><![CDATA[]]></QG_HOSTID> <IP><![CDATA[10. 11.70.116]]></IP> <OPERATING_SYSTEM><![CDATA[CentOS 6.9]]></OPERATING_SYSTEM> <LAST_SCAN_DATE>2023-04-18T15:33:51Z</LAST_SCAN_DATE> <TOTAL_PASSED>69</TOTAL_PASSED> <TOTAL_FAILED>0</TOTAL_FAILED> <TOTAL_ERROR>6</TOTAL_ERROR> <TOTAL_EXCEPTIONS>0</TOTAL_EXCEPTIONS> <ASSET_TAGS> <ASSET_TAG><![CDATA[WIn 2008]]></ASSET_TAG> <ASSET_TAG><![CDATA[Mongo DB 3.x]]></ASSET_TAG> <ASSET_TAG><![CDATA[Dee_BU]]></ASSET_TAG> <ASSET_TAG><![CDATA[Postgre SQL AG]]></ASSET_TAG> <ASSET_TAG><![CDATA[Postgre SQL]]></ASSET_TAG> <ASSET_TAG><![CDATA[ Amol Business Unit]]></ASSET_TAG> <ASSET_TAG><![CDATA[10. 10.32.227 HA]]></ASSET_TAG> <ASSET_TAG><![CDATA[10. 11.70.116 HA]]></ASSET_TAG> <ASSET_TAG><![CDATA[centos 6]]></ASSET_TAG> <ASSET_TAG><![CDATA[BU with Specific AG]]></ASSET_TAG> <ASSET_TAG><![CDATA[BU1]]></ASSET_TAG> <ASSET_TAG><![CDATA[Nov6 Beta]]></ASSET_TAG> </ASSET_TAGS> <CONTROL_LIST> <CONTROL> <CID>15835</CID> <STATEMENT><![CDATA[Status of parameter 'log_rotation_age' in postgresql.conf]]></STATEMENT> <CRITICALITY> <LABEL><![CDATA[MINIMAL1]]></LABEL> <VALUE>1</VALUE> </CRITICALITY> <RATIONALE><![CDATA[The 'log_rotation_age' this parameter determines the maximum lifetime of an individual log file.</RATIONALE> <INSTANCE><![CDATA[PostgreSQL 10.x (Port: 5 432, Database: postgres)]]></INSTANCE> <STATUS><![CDATA[Passed]]></STATUS> <TECHNOLOGY> <ID><![CDATA[143]]></ID> <NAME>PostgreSQL 10.x</NAME> </TECHNOLOGY> <EVALUATION_DATE>2023-04-18T15:40:46Z</EVALUATION_DATE> <PREVIOUS_STATUS>Passed</PREVIOUS_STATUS> <POSTURE_MODIFIED_DATE>2021-12-06T11:29:13Z</POSTURE_MODIFIED_DATE> <EVIDENCE><![CDATA[CHECK1]]></EVIDENCE> </CONTROL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,log_min_messages, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK3</NAME> <DP_NAME>pgsql.secman.hba_rule.unix_socket_trust</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Setting not found]]></V> <V><![CDATA[File not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z" /> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK4</NAME> <DP_NAME>pgsql.secman.hba_rule.tcpip_socket_trust</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Setting not found]]></V> <V><![CDATA[File not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z" /> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK5</NAME> <DP_NAME>pgsql.secman.conf_file.log_connections</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK13</NAME> <DP_NAME>pgsql.secman.perms_bin_files</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/clusterdb]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/createdb]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/createuser]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/dropdb]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/dropuser]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/ecpg]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/initdb]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/oid2name]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pgbench]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_archivecleanup]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_basebackup]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_config]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_controldata]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_ctl]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_dump]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_dumpall]]></V> <V><![CDATA[ root:root:rwxr-xr-x:/usr/pgsql-10/bin/pg_isready]]></V> <V><![CDATA[root :root:rwxr-xr-x:/usr/pgsql-10/bin/pg_receivewal]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_recvlogical]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_resetwal]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_restore]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_rewind]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_standby]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_test_fsync]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_test_timing]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_upgrade]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/pg_waldump]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/postgres]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/postmaster]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/psql]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/reindexdb]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/vacuumdb]]></V> <V><![CDATA[root: root:rwxr-xr-x:/usr/pgsql-10/bin/vacuumlo]]></V> </ACTUAL> Row 2: /var/lib/pgsql/10/data/postgresql.conf,log_rotation_size, Row 2: /var/lib/pgsql/10/data/postgresql.conf,tcp_keepalives_idle, Row 2: /var/lib/pgsql/10/data/postgresql.conf,password_encryption, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK52</NAME> <DP_NAME>pgsql.secman.conf_file.log_error_verbosity</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,log_error_verbosity, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK53</NAME> <DP_NAME>pgsql.secman.perms_external_pid_file</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Setting not found]]></V> <V><![CDATA[File not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*:.*:[-r][-w][-x][-r][-w][-x][-r][-w][-x][.+]*:.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,data_directory, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK54</NAME> <DP_NAME>pgsql.secman.ls_pkg_pgsql</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Package Not Found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[postgresql10-10.3-1PGDG.rhel6.x86_64]]></V> <V><![CDATA[postgresql10-contrib-10.3-1PGDG.rhel6.x86_64]]></V> <V><![CDATA[postgresql10-devel-10.3-1PGDG.rhel6.x86_64]]></V> <V><![CDATA[postgresql10-libs-10.3-1PGDG.rhel6.x86_64]]></V> <V><![CDATA[postgresql10-server-10.3-1PGDG.rhel6.x86_64]]></V> </ACTUAL> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK55</NAME> <DP_NAME>pgsql.secman.openssl_version</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[OpenSSL not installed]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[OpenSSL 1.0.1e-fips 11 Feb 2013]]></V> </ACTUAL> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK56</NAME> <DP_NAME>pgsql.secman.list_files_perms_in_datadir</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Files not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[Files not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,data_directory, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK57</NAME> <DP_NAME>pgsql.secman.log_directory_mountpoint</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Setting not found]]></V> <V><![CDATA[Mounted point not found]]></V> <CRITERIA> <EVALUATION><![CDATA[does not contain regular expression list]]></EVALUATION> <V><![CDATA[.*:/$]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[Mounted point not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,log_directory, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK58</NAME> <DP_NAME>pgsql.secman.hba_rule.tcpip_socket</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Setting not found]]></V> <V><![CDATA[File not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z" /> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK59</NAME> <DP_NAME>pgsql.secman.user_acc_umask</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[User account not found]]></V> <V><![CDATA[Umask Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[^[0-6][0-6][0-6][0-6]]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[no-data-from-signature]]></V> </ACTUAL> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK60</NAME> <DP_NAME>pgsql.secman.conf_file.log_hostname</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,log_hostname, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK61</NAME> <DP_NAME>pgsql.secman.conf_file.logging_collector</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,logging_collector, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK62</NAME> <DP_NAME>pgsql.secman.perms_logfile_log_directory</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Setting not found]]></V> <V><![CDATA[File not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*:.*:[-r][-w][-x][-r][-w][-x][-r][-w][-x]:.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,data_directory, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK63</NAME> <DP_NAME>pgsql.secman.conf_file.syslog_ident</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,syslog_ident, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK64</NAME> <DP_NAME>pgsql.secman.conf_file.pgaudit.log_statement_once</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,pgaudit.log_statement_once, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK65</NAME> <DP_NAME>pgsql.secman.conf_file.tcp_keepalives_count</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,tcp_keepalives_count, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK66</NAME> <DP_NAME>pgsql.secman.perms_pgsql_binaries</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Setting not found]]></V> <V><![CDATA[File not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*:.*:[-r][-w][-x][-r][-w][-x][-r][-w][-x][.+]*:.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[root:root:rwxr-xr-x:/usr/pgsql-10/bin]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:bindir,File/Directory(${bindir}) Row 2:/usr/pgsql-10/bin,/usr/pgsql-10/bin ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK67</NAME> <DP_NAME>pgsql.secman.conf_file.log_duration</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,log_duration, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK68</NAME> <DP_NAME>pgsql.secman.conf_file.tcp_keepalives_interval</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,tcp_keepalives_interval, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK69</NAME> <DP_NAME>pgsql.secman.postgresql_srvc</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[Service not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[postgresql-10 0:off 1:off 2:on 3:on 4:on 5:on 6:off]]></V> </ACTUAL> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK70</NAME> <DP_NAME>pgsql.secman.conf_file.ssl_crl_file</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,ssl_crl_file, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK71</NAME> <DP_NAME>pgsql.secman.conf_file.pgaudit.log_level</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,pgaudit.log_level, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK72</NAME> <DP_NAME>pgsql.secman.conf_file.statement_timeout</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,statement_timeout, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK73</NAME> <DP_NAME>pgsql.secman.conf_file.ssl_key_file</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,ssl_key_file, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK74</NAME> <DP_NAME>pgsql.secman.conf_file.log_line_prefix</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,log_line_prefix, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> <CHECK> <NAME>CHECK75</NAME> <DP_NAME>pgsql.xxxx.xxx_file.client_min_messages</DP_NAME> <EXPECTED logic="OR"> <V><![CDATA[File not found]]></V> <V><![CDATA[Setting not found]]></V> <CRITERIA> <EVALUATION><![CDATA[matches regular expression list]]></EVALUATION> <V><![CDATA[.*]]></V> </CRITERIA> </EXPECTED> <ACTUAL lastUpdated="2023-04-18T15:33:51Z"> <V><![CDATA[File not found]]></V> </ACTUAL> <EXTENDED_EVIDENCE><![CDATA[Row 1:File,name,setting Row 2: /var/lib/pgsql/10/data/postgresql.conf,client_min_messages, ]]></EXTENDED_EVIDENCE> <STATISTICS> <ERRORS><![CDATA[]]></ERRORS> </STATISTICS> </CHECK> </CHECKS> <DP_DESCRIPTIONS> <DP> <DP_NAME>pgsql.secman.conf_file.log_rotation_age</DP_NAME> <DESCRIPTION><![CDATA[The following List String value(s) of <b>X</b> indicates the status of the <b>log_rotation_age</b> parameter in <b>postgresql.conf</b> file.]]></DESCRIPTION> </DP>
Issues Addressed
The following reported and notable customer API issue has been fixed in this release:
| Component/Category | Application |
Description |
| VM - Feature Request | Vulnerability Management | When the users launched the VM Scan Summary API (/api/2.0/fo/scan/vm/summary/?action=list), a scan was performed for the specified IP and IP ranges. Based on the inputs the scan results were displayed. However, if the total character count for the IPs exceeded 4000, the results included only a subset of the IPs (up to the 4000-character limit) instead of the complete list. Relevant code changes have been made to fix this issue. The scan results now display all the IPs and IP ranges as specified in the API. |
| VM - Activity logs | Vulnerability Management | When the user referred to the Export User Activity Log API (/api/2.0/fo/activity_log/) in the API User Guide, they observed that the fields since_datetime={value} and until_datetime={value} did not mention that the inputs for the date and time must be in UTC/GMT. This information, specifying that these fields must be specified in UTC/GMT, has been added to the API User Guide (PDF and HTML). |