Generic CSV Import Fields in Import Detections
The following table lists the fields applicable only for Generic CSV:
| Field Name | Mandatory or Optional | Description | String Length (maximum) / Valid Input Values | Input Parameter |
| Host ID | Optional | It is a universal unique identifier (UUID) Qualys Host ID. The Qualys Host ID is assigned when you scan the host, or a Cloud Agent tracks the host. | 255 | Number |
| MAC Address | Optional |
You can discover an asset's MAC address using the QID of an asset. For example, 25-5x-xx-c1-xx-32 |
24 | String |
| FQDN | Optional | It is a fully qualified domain name of the host server. | 255 | String |
| NetBIOS | Optional |
NetBIOS is required if you are using old applications or an old version of Windows. The NetBIOS service operates over 139/TCP ports and must be included in the scan options when scanning or tracking by NetBIOS. For example, instance-vp-ubutnu01-03 |
255 | String |
| IP Address | Mandatory |
Host Assets are the IP addresses in your account. For example, xx.164.99.xx |
255 | String |
| Hostname | Optional |
Hostname distinguishes devices within the local network. For example, DESKTOP-IV14sF9.WORKGROUP |
255 | String |
| Operating System | Optional | Operating System lists the data on which vulnerability has been detected. Some of the operating system vendors that Qualys supports are Microsoft, Red Hat, SUSE, Amazon, and Oracle. To get the complete list of the vendors and the operating systems, see Cloud Agent Platform Availability Matirx (PAM) | 255 | String |
| Source | Mandatory | Source lists the data from the Vulnerability scanning tool. | 255 | String |
| Vulnerability External ID | Mandatory | Vulnerability External ID represents the vulnerability value mentioned by the National Vulnerability Database (NVD) or Vulnerability Tool. | 255 | String |
| Vulnerability Title | Mandatory |
Vulnerability Title represents the vulnerability name. For example, External Vulnerability Finding 163 |
255 | String |
| Vulnerability Description | Optional | Vulnerability Description is added to the database only when the Vulnerability External ID is unavailable. | 512 | String |
|
Severity |
Mandatory |
Severity describes the vulnerability severity and is added to the database only when the Vulnerability External ID is unavailable. The field value is skipped if you provide an invalid input value. If you do not enter any value by default, the value is considered 5 - Critical. |
|
Number |
| CVE(s) | Optional |
CVE(s) are the CVE ID for Vulnerability. For example, CVE-2020-1026 |
- | String |
| Vulnerability Score | Optional |
Vulnerability Score is a mandatory field if CVE ID is unavailable. |
- |
Number |
|
CVSSv2 Base Score CVSSv2 Temporal Score CVSSv3.1 Base Score CVSSv3.1 Temporal Score |
Optional | CVSS scoring is not enabled by default. The scan reports display CVSS Base and Temporal scores, including vulnerability details. | - | Number |
| CVSS Access Vector (AV) | Optional | CVSS Access Vector is a base score metric for CVSS v2. | - | String |
| Port | Optional |
Input the port value from where the vulnerability was detected. For example, 8080 |
- | Number |
| Protocol | Optional |
Input the network protocol name. For example, TCP |
40 | String |
| Vulnerability Finding | Optional |
Vulnerability Finding field represents the system path of the vulnerability. For example, qlua_vm_suse.qlv |
4000 | String |
|
State |
Mandatory |
State field represents the detection status of the vulnerability. The field value is skipped if you provide an invalid input value. If you do not enter any value by default, the value is considered Open. |
|
String |
|
Detection Method |
Optional |
Detection Method represents the type of detection method used for detecting vulnerability. |
|
String |