Returns the total number of findings on web application(s) in the user’s scope.
Permissions required - User must have WAS module enabled. User account must have these permissions: Access Permission “API Access”. The count includes web applications in the user's scope.
These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND.
Click here for available operators
|
Parameter |
Mandatory /Optional |
Data Type |
Description |
|---|---|---|---|
|
id |
Optional |
integer |
ID of the finding (WebAppVuln, WebAppIg, or WebAppSensitiveContent). |
|
uniqueId |
Optional |
value |
The 36-bit unique id assigned to the finding. For example: <Finding> |
|
qid |
Optional |
integer |
Qualys ID assigned to the detection. |
|
name |
Optional |
text |
Name of the detection finding. |
|
type |
Optional |
keyword |
Type of the finding: VULNERABILITY, SENSITIVE_CONTENT, or INFORMATION_GATHERED. |
|
url |
Optional |
text |
URL of the web application on which the finding was detected. |
|
webApp.tags.id |
Optional |
date |
ID of the tag associated with the web application on which the finding was detected. |
|
webApp.tags.name |
Optional |
text |
Name of the tag associated with the web application on which the finding was detected. |
|
status |
Optional |
keyword |
Status of the finding: NEW, ACTIVE, REOPENED, PROTECTED and FIXED. |
|
patch |
Optional |
integer-long |
Use WAF to protect against vulnerabilities by installing virtual patches. |
|
webApp.id |
Optional |
integer |
ID of the web application on which the finding was detected. |
|
webApp.name |
Optional |
text |
Name of the web application on which the finding was detected. |
|
severity |
Optional |
integer |
Severity of the finding. |
|
externalRef |
Optional |
string |
Tip - Use operator IS EMPTY for findings with empty external references. |
|
ignoredDate |
Optional |
date |
The date on which the finding was marked to ignore. |
|
ignoredReason |
Optional |
keyword |
The reason for which the finding is ignored: FALSE_POSITIVE, RISK_ACCEPTED or NOT_APPLICABLE |
|
group |
Optional |
keyword |
XSS, SQL, INFO, PATH, CC, SSN_US or CUSTOM |
|
owasp.name |
Optional |
text |
Name of the OWASP vulnerability. |
|
owasp.code |
Optional |
integer |
Code associated with the OWASP vulnerability |
|
wasc.name |
Optional |
text |
Name of the vulnerability. |
|
wasc.code |
Optional |
integer |
Code of the vulnerability. |
|
cwe.id |
Optional |
integer |
ID associated with CWE. |
|
firstDetectedDate |
Optional |
date |
The date when the finding was first detected in the web application, |
|
lastDetectedDate |
Optional |
date |
The date when the finding was last detected in the web application. |
|
lastTestedDate |
Optional |
date |
The date when the finding was last tested in the web application. |
|
timesDetected |
Optional |
integer |
The count indicates the number of times the finding was detected. |
|
severity level |
Optional |
integer |
The severity associated with the finding:1,2,3,4,5 |
Return the number (count) of all findings in the user’s scope.
API request
curl -u "USERNAME:PASSWORD" "<qualys_base_url>/qps/rest/3.0/count/was/finding/"
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchemainstance"
xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>2815</count>
</ServiceResponse>
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/count/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<filters>
<Criteria field="type"
operator="EQUALS">VULNERABILITY</Criteria>
<Criteria field="severity" operator="EQUALS">5</Criteria>
<Criteria field="status" operator="IN">NEW, ACTIVE,
REOPENED</Criteria>
</filters>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchemainstance"
xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>41</count>
</ServiceResponse>
If you search for a finding using unique ID (uniqueId), the count will always be one.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/count/was/finding/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<filters>
<Criteria field="uniqueId" operator="EQUALS">8a2c4d51-6d28-2b92-e053-2943720a74ab</Criteria>
</filters>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/finding.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
</ServiceResponse>
<platform API server>/qps/xsd/3.0/was/finding.xsd