Activate Findings
Activate ignored findings for a web application that is in the user’s scope.
Permissions required: User must have WAS module enabled. User account must have these permissions:
- Access Permission: API Access
- Ignore Vulnerabilities permission
The output includes findings for web applications in the user's scope.
Input ParametersInput Parameters
These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND.
Click here for available operators
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
id |
Optional |
integer |
ID of the finding (WebAppVuln, WebAppIg, or WebAppSensitiveContent). |
|
uniqueId |
Optional |
value |
The 36-bit unique id assigned to the finding. For example: <Finding> |
|
qid |
Optional |
integer |
Qualys ID assigned to the detection. |
|
name |
Optional |
text |
Name of the detection finding. |
|
type |
Optional |
keyword |
Type of the finding: VULNERABILITY, SENSITIVE_CONTENT, or INFORMATION_GATHERED. |
|
url |
Optional |
text |
URL of the web application on which the finding was detected. |
|
webApp.tags.id |
Optional |
date |
ID of the tag associated with the web application on which the finding was detected. |
|
webApp.tags.name |
Optional |
text |
Name of the tag associated with the web application on which the finding was detected. |
|
status |
Optional |
keyword |
Status of the finding: NEW, ACTIVE, REOPENED, PROTECTED and FIXED. |
|
patch |
Optional |
integer-long |
Use WAF to protect against vulnerabilities by installing virtual patches. |
|
webApp.id |
Optional |
integer |
ID of the web application on which the finding was detected. |
|
webApp.name |
Optional |
text |
Name of the web application on which the finding was detected. |
|
severity |
Optional |
integer |
Severity of the finding. |
|
externalRef |
Optional |
string |
Tip - Use operator IS EMPTY for findings with empty external references. |
|
ignoredDate |
Optional |
date |
The date on which the finding was marked to ignore. |
|
ignoredReason |
Optional |
keyword |
The reason for which the finding is ignored: FALSE_POSITIVE, RISK_ACCEPTED or NOT_APPLICABLE |
|
group |
Optional |
keyword |
XSS, SQL, INFO, PATH, CC, SSN_US or CUSTOM |
|
owasp.name |
Optional |
text |
Name of the OWASP vulnerability. |
|
owasp.code |
Optional |
integer |
Code associated with the OWASP vulnerability |
|
wasc.name |
Optional |
text |
Name of the vulnerability. |
|
wasc.code |
Optional |
integer |
Code of the vulnerability. |
|
cwe.id |
Optional |
integer |
ID associated with CWE. |
|
firstDetectedDate |
Optional |
date |
The date when the finding was first detected in the web application, |
|
lastDetectedDate |
Optional |
date |
The date when the finding was last detected in the web application. |
|
lastTestedDate |
Optional |
date |
The date when the finding was last tested in the web application. |
|
timesDetected |
Optional |
integer |
The count indicates the number of times the finding was detected. |
|
severity level |
Optional |
integer |
The severity associated with the finding:1,2,3,4,5 |
Sample - Activate all ignored findingsSample - Activate all ignored findings
API request:
curl -n -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/activate/was/finding"
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>3</count>
<data>
<Finding>
<id>1613225669</id>
<uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
</Finding>
<Finding>
<id>1613255669</id>
<uniqueId>9a2c4d41-6d21-2b92-e054-3943720a65ab</uniqueId>
</Finding>
<Finding>
<id>1645195669</id>
<uniqueId>7a2c4d31-5d28-2b92-e055-4943720a51ab</uniqueId>
</Finding>
</data>
</ServiceResponse>
Sample - Activate specific findingSample - Activate specific finding
API request:
curl -n -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/activate/was/finding/1613255669"
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<Finding>
<id>1613255669</id>
<uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
</Finding>
</data>
</ServiceResponse>
Sample - Activate a finding using uniqueIdSample - Activate a finding using uniqueId
API request:
curl -n -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/activate/was/finding/1613255669"
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<Finding>
<id>1613255669</id>
<uniqueId>8a2c4d51-6d28-2b92-e053-2943720a74ab</uniqueId>
</Finding>
</data>
</ServiceResponse>
XSD
<platform API server>/qps/xsd/3.0/was/finding.xsd